Uploaded image for project: 'Struts 2'
  1. Struts 2
  2. WW-4710

Disallow access to HttpParameters.toMap

    Details

    • Type: Improvement
    • Status: Closed
    • Priority: Minor
    • Resolution: Fixed
    • Affects Version/s: 2.5.5
    • Fix Version/s: 2.5.8
    • Component/s: Core
    • Labels:
      None

      Description

      HttpParameters.toMap can be potentially danger as allow access raw parameters' values.

        Activity

        Hide
        hudson Hudson added a comment -

        SUCCESS: Integrated in Jenkins build Struts-JDK7-master #547 (See https://builds.apache.org/job/Struts-JDK7-master/547/)
        WW-4710 Restrict access to HttpParameters.toMap (lukaszlenart: rev ab6750211ba8fc99bffdc156d3bb8f61031ed13d)

        • (edit) core/src/test/java/org/apache/struts2/interceptor/ServletConfigInterceptorTest.java
        • (edit) core/src/main/java/org/apache/struts2/dispatcher/HttpParameters.java
        • (edit) core/src/main/java/org/apache/struts2/interceptor/ServletConfigInterceptor.java
        Show
        hudson Hudson added a comment - SUCCESS: Integrated in Jenkins build Struts-JDK7-master #547 (See https://builds.apache.org/job/Struts-JDK7-master/547/ ) WW-4710 Restrict access to HttpParameters.toMap (lukaszlenart: rev ab6750211ba8fc99bffdc156d3bb8f61031ed13d) (edit) core/src/test/java/org/apache/struts2/interceptor/ServletConfigInterceptorTest.java (edit) core/src/main/java/org/apache/struts2/dispatcher/HttpParameters.java (edit) core/src/main/java/org/apache/struts2/interceptor/ServletConfigInterceptor.java
        Hide
        lukaszlenart Lukasz Lenart added a comment -

        Done

        Show
        lukaszlenart Lukasz Lenart added a comment - Done
        Hide
        jira-bot ASF subversion and git services added a comment -

        Commit ab6750211ba8fc99bffdc156d3bb8f61031ed13d in struts's branch refs/heads/master from Lukasz Lenart
        [ https://git-wip-us.apache.org/repos/asf?p=struts.git;h=ab67502 ]

        WW-4710 Restrict access to HttpParameters.toMap

        Show
        jira-bot ASF subversion and git services added a comment - Commit ab6750211ba8fc99bffdc156d3bb8f61031ed13d in struts's branch refs/heads/master from Lukasz Lenart [ https://git-wip-us.apache.org/repos/asf?p=struts.git;h=ab67502 ] WW-4710 Restrict access to HttpParameters.toMap

          People

          • Assignee:
            Unassigned
            Reporter:
            lukaszlenart Lukasz Lenart
          • Votes:
            0 Vote for this issue
            Watchers:
            3 Start watching this issue

            Dates

            • Created:
              Updated:
              Resolved:

              Development