Well, the only part that could break backward compatibility is the idea of removing filter of cookies by value. But the CookieProviderInterceptor and the idea of being able to OGNL-value the accepted cookie names should not break anything.
2013/5/16 Lukasz Lenart <[email protected]> > If this is gonna break backward compatibility, please register an > issue with JIRA and we will introduce the change with Struts 2.5/3 > version. > > > Regards > -- > Ćukasz > + 48 606 323 122 http://www.lenart.org.pl/ > > 2013/4/4 Maurizio Cucchiara <[email protected]>: > >> My proposal would > >> be to simplify the interceptor in two ways: > >> 1) Remove the filter by cookie value: I don't know under which > >> circumstances that could be useful > > I'm not able to identify those circumstances, but AFAIU that filter is > > harmless, if you don't define a cookie value, struts will never filter > > your cookies. > > Furthermore, this change would break bacward compatibility, and this > > may make unhappy many users which know those circumstances :(. > > > >> 2) Parse the cookieName as a OGNL expression, so I can setup the cookie > >> names I want to receive dynamically, instead of harcoding them in the > >> configuration files. > > This could be useful, but at the same time there would be some > > security risk related to it. > > > > > >> Also related, there is no way in Struts to setup a Cookie. > > Actually, ATM you can implement ServletResponseAware interface. Yes, I > > know this don't mean that there is a direct way, but it is not so hard > > to implement IMHO. > > > >> I developed my > >> own CookieProviderInterceptor and CookieProvider (interfaces) to allow > an > >> Action to create a cookie and pass it to the CookieProviderInterceptor > to > >> ser it in the request, but I would love to see a more integrated > process. > > > > At first glance, the patch you provided sounds good to me, I will get > > a deeper look in the next days. > > Further, CPI could provide remove cookie method. > > > > > > Twitter :http://www.twitter.com/m_cucchiara > > G+ :https://plus.google.com/107903711540963855921 > > Linkedin :http://www.linkedin.com/in/mauriziocucchiara > > VisualizeMe: http://vizualize.me/maurizio.cucchiara?r=maurizio.cucchiara > > > > Maurizio Cucchiara > > > > --------------------------------------------------------------------- > > To unsubscribe, e-mail: [email protected] > > For additional commands, e-mail: [email protected] > > > > --------------------------------------------------------------------- > To unsubscribe, e-mail: [email protected] > For additional commands, e-mail: [email protected] > >
