Reverted in rev 1834917. -----邮件原件----- 发件人: Jacopo Cappellato [mailto:jacopo.cappell...@hotwaxsystems.com] 发送时间: 2018年6月28日 23:59 收件人: dev@ofbiz.apache.org 主题: Re: [Discussion]: Add method attribute to request-map (Was: svn commit: r1834389 - in /ofbiz/ofbiz-framework/trunk/framework...)
+1 to Taher's recommendations. Jacopo On Thu, Jun 28, 2018 at 9:15 AM, Taher Alkhateeb <slidingfilame...@gmail.com > wrote: > A few comments: > > 1- I would suggest to try and avoid in the future committing any > design changes to the framework without discussing it properly in the > mailing list first > 2- I think it would be better to revert this work. I noticed in the > JIRA for example that Mathieu Lirzin asked for some time to review his > work when you just committed his work without checking what he wanted > to do, and he later provided refactoring patches. > 3- I would recommend providing a summary of what you want to commit. > The commit was too long and I don't want to read line-by-line > everything in the code to understand what was achieved. Let's first > discuss in here what is being done, agree on the general direction, > and THEN apply a commit. > > Those are my recommendations, and I don't know about the rest of the > folks opinion here so I invite everyone else to have their input. > > On Thu, Jun 28, 2018 at 6:46 AM, Shi Jinghai <huaru...@hotmail.com> wrote: > > Hi all, > > > > Thanks Jacques, Taher and Nicolas mentioned our community rule, "a > proper discussion". > > > > I created an issue "Add method attribute to request-map to controll a > uri can be called GET or POST only" a week ago: > > https://issues.apache.org/jira/browse/OFBIZ-10438 > > > > Thanks Mathieu, he submitted his patches very quickly while I was > preparing mine. I tested them and submitted to trunk. Please be aware, the > latest versions are r1834465 and r1834570, and the implement requires JDK > 1.8. > > > > Is the implement acceptable for trunk? Further improvement to do? Would > we backport it to releases? > > > > If it's not acceptable, I'll revert the implement. > > > > Kind Regards, > > > > Shi Jinghai > > > > > > -----邮件原件----- > > 发件人: Paul Foxworthy [mailto:p...@cohsoft.com.au] > > 发送时间: 2018年6月26日 19:31 > > 收件人: dev@ofbiz.apache.org > > 主题: Re: svn commit: r1834389 - in /ofbiz/ofbiz-framework/trunk/framework: > base/src/main/java/org/apache/ofbiz/base/util/collections/ webapp/config/ > webapp/dtd/ webapp/src/main/java/org/apache/ofbiz/webapp/control/ > webapp/src/test/java/org/apache/ofbiz/weba... > > > > On 26 June 2018 at 17:58, Taher Alkhateeb <slidingfilame...@gmail.com> > > wrote: > > > >> I could be mistaken, but this seems like a very major change that did > >> not have a thorough and proper discussion at the mailing list? I would > >> rather at least have an explanation of what was committed and to > >> discuss the merits and cons of the implementation. > >> > > > > Hi all, > > > > I haven't found the specific issue, but wasn't there a major change > several > > years ago from GET to POST to help guard against XSS attacks? > > > > Cheers > > > > Paul Foxworthy > > > > -- > > Coherent Software Australia Pty Ltd > > PO Box 2773 > > Cheltenham Vic 3192 > > Australia > > > > Phone: +61 3 9585 6788 > > Web: http://www.coherentsoftware.com.au/ > > Email: i...@coherentsoftware.com.au >