XWorkConverter calling e.printStackTrace() after bad user input
---------------------------------------------------------------
Key: WW-2893
URL: https://issues.apache.org/struts/browse/WW-2893
Project: Struts 2
Issue Type: Bug
Affects Versions: 2.1.2
Environment: Tomcat 6.0.18
Reporter: Lucas Nelson
We are getting log output triggered by bad user input from the
XWorkConverter#convertValue method - lines 302, 315, 326 in 2.1.2. This can be
triggered by having a numeric field and not submitting anything in it, or
having a custom converter that throws a TypeConversionException.
We would have difficulty going into production with bad user input triggering a
stack dump in our log files - the frequency of bad input coupled with the
computation cost of generating a stack trace, and the log file spam it would
generate. Could these printStackTrace() calls please be removed. Perhaps
replaced with debug level output.
IMO having application log output being generated by end-user activity is a
problem.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
