[
https://issues.apache.org/jira/browse/JEXL-357?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17488246#comment-17488246
]
Henri Biestro edited comment on JEXL-357 at 2/7/22, 4:49 PM:
-------------------------------------------------------------
Commit
[0b1cbdb|https://github.com/apache/commons-jexl/commit/0b1cbdbe8aa7d98d71dbfe29279240adde8c136f]
Commit
[ea904f9|https://github.com/apache/commons-jexl/commit/ea904f9f9c6a4a5a555bd71178f4ca71da8205c0]
Commit
[d4e0976|https://github.com/apache/commons-jexl/commit/d4e09765d3f044ded3b9d8502c9a0eefbeab0ff2]
was (Author: henrib):
Commit
[d4e0976|https://github.com/apache/commons-jexl/commit/d4e09765d3f044ded3b9d8502c9a0eefbeab0ff2]
> Configure accessible packages/classes/methods/fields
> -----------------------------------------------------
>
> Key: JEXL-357
> URL: https://issues.apache.org/jira/browse/JEXL-357
> Project: Commons JEXL
> Issue Type: Improvement
> Affects Versions: 3.2.1
> Reporter: Henri Biestro
> Assignee: Henri Biestro
> Priority: Major
> Fix For: Later
>
>
> The @NoJexl annotation allows 'hiding' functional elements from scripts; this
> features will allow Jexl introspection to completely ignore existing
> packages/classes/methods/fields ensuring they can not be called.
> Acting (more or less) as a security manager, this will allow fine
> configuration of what scripts are allowed to access on a platform. Used in
> conjunction with Sandboxing, how much is exposed can be limited to explicit
> permission.
--
This message was sent by Atlassian Jira
(v8.20.1#820001)
