[WW-2489] Interceptor Stack Order - ASF JIRA

XML

Word

Printable

JSON

Details

Type: Bug
Status: Closed
Priority: Minor
Resolution: Not A Problem
Affects Version/s: 2.0.11
Fix Version/s: None
Component/s: XML Configuration
Labels:
None
Environment:

any

Description

struts-default.xml (struts 2.0.11) gives this interceptor order in the stacks:

<interceptor-ref name="staticParams"/>
<interceptor-ref name="params"/>

is it correct that staticParams comes before params ? this allow GET and POST variable to overwrite statically set parameters. Maybe this can lead to security risks.

Attachments

Activity

People

Assignee:: Unassigned

Reporter:: GF

Votes:: 0 Vote for this issue

Watchers:: 0 Start watching this issue

Dates

Created:: 14/Feb/08 11:16

Updated:: 28/Oct/12 22:13

Resolved:: 20/Apr/08 03:38