Uploaded image for project: 'Struts 2'
  1. Struts 2
  2. WW-4526

Invalid action generated by the form tag

Details

    • Bug
    • Status: Closed
    • Critical
    • Resolution: Fixed
    • 2.3.24
    • 2.3.28, 2.5
    • Core Actions, Value Stack
    • None
    • Patch

    Description

      Following the migration of Struts framework from 2.3.16.3 to 2.3.24, we detected that the action attribute of HTML tag Form generated with the Struts Form Tag contains an invalid scheme when the associated action class contains an accessor named getScheme().

      The value of this accessor is retrieved in org.apache.struts2.components.ServletUrlRender#renderFormUrl() from the ValueStack.

      ValueStack vs = ActionContext.getContext().getValueStack();
      String scheme = vs.findString("scheme");

      The attachement contains a sample that illustrate the issue.

      Run simply the command mvn tomcat:run to execute it .

      It contains also a "patch" that overrides de DefaultUrlHelper . It checks if the scheme is equals to a valid scheme (http/https) and calls the default implementation. In case of the scheme is not valid, it calls the default implementation with null argument for the scheme ( replaced by the HttpServletRequest#getScheme() in the default implementation).

      Attachments

        1. struts2-form-url.zip
          40 kB
          David Vanacker

        Issue Links

          Activity

            Commit 3e2d5da12c3bc426df346554d9d53cf9b6f09c1a in struts's branch refs/heads/support-2-3 from lukasz03
            [ https://git-wip-us.apache.org/repos/asf?p=struts.git;h=3e2d5da ]

            WW-4526 Checks if passed in scheme param is valid

            jira-bot ASF subversion and git services added a comment - Commit 3e2d5da12c3bc426df346554d9d53cf9b6f09c1a in struts's branch refs/heads/support-2-3 from lukasz03 [ https://git-wip-us.apache.org/repos/asf?p=struts.git;h=3e2d5da ] WW-4526 Checks if passed in scheme param is valid
            lukaszlenart Lukasz Lenart added a comment -

            vanackda what do you think about the above solution?

            lukaszlenart Lukasz Lenart added a comment - vanackda what do you think about the above solution?
            hudson Hudson added a comment -

            SUCCESS: Integrated in Struts-JDK6-support-2.3 #922 (See https://builds.apache.org/job/Struts-JDK6-support-2.3/922/)
            WW-4526 Checks if passed in scheme param is valid (lukaszlenart: rev 3e2d5da12c3bc426df346554d9d53cf9b6f09c1a)

            • core/src/main/java/org/apache/struts2/views/util/DefaultUrlHelper.java
            hudson Hudson added a comment - SUCCESS: Integrated in Struts-JDK6-support-2.3 #922 (See https://builds.apache.org/job/Struts-JDK6-support-2.3/922/ ) WW-4526 Checks if passed in scheme param is valid (lukaszlenart: rev 3e2d5da12c3bc426df346554d9d53cf9b6f09c1a) core/src/main/java/org/apache/struts2/views/util/DefaultUrlHelper.java
            vanackda David Vanacker added a comment -

            Tested and approved.

            vanackda David Vanacker added a comment - Tested and approved.

            Commit b44fa2934fbdcbe5b0c1e2abfc03d08f8771990c in struts's branch refs/heads/master from lukaszlenart
            [ https://git-wip-us.apache.org/repos/asf?p=struts.git;h=b44fa29 ]

            WW-4526 Checks if passed in scheme param is valid
            (cherry picked from commit 3e2d5da)

            jira-bot ASF subversion and git services added a comment - Commit b44fa2934fbdcbe5b0c1e2abfc03d08f8771990c in struts's branch refs/heads/master from lukaszlenart [ https://git-wip-us.apache.org/repos/asf?p=struts.git;h=b44fa29 ] WW-4526 Checks if passed in scheme param is valid (cherry picked from commit 3e2d5da)
            lukaszlenart Lukasz Lenart added a comment -

            Great!

            lukaszlenart Lukasz Lenart added a comment - Great!
            hudson Hudson added a comment -

            FAILURE: Integrated in Struts-JDK7-master #379 (See https://builds.apache.org/job/Struts-JDK7-master/379/)
            WW-4526 Checks if passed in scheme param is valid (cherry picked from (lukaszlenart: rev b44fa2934fbdcbe5b0c1e2abfc03d08f8771990c)

            • core/src/main/java/org/apache/struts2/views/util/DefaultUrlHelper.java
            hudson Hudson added a comment - FAILURE: Integrated in Struts-JDK7-master #379 (See https://builds.apache.org/job/Struts-JDK7-master/379/ ) WW-4526 Checks if passed in scheme param is valid (cherry picked from (lukaszlenart: rev b44fa2934fbdcbe5b0c1e2abfc03d08f8771990c) core/src/main/java/org/apache/struts2/views/util/DefaultUrlHelper.java

            People

              lukaszlenart Lukasz Lenart
              vanackda David Vanacker
              Votes:
              1 Vote for this issue
              Watchers:
              4 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved: