Lukasz Lenart created WW-4963:
---------------------------------
Summary: Implement new Aware interfaces that are using withXxxx
pattern instead of setters
Key: WW-4963
URL: https://issues.apache.org/jira/browse/WW-4963
Project: Struts 2
Issue Type: Improvement
Components: Core Actions
Reporter: Lukasz Lenart
Fix For: 2.6
In matter of security I wonder if we should stop using setters in internal API.
Like in {{SessionAware}} interface we use {{setSession()}} and each actions
must implement this method. Then we have a logic to avoid mapping incoming
values to {{setSession()}} to permit injecting values into Session.
Instead of {{setSession()}} we can use {{withSession()}} or {{applySession()}}
- the same can be applied to any *Aware interface.
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
