[
https://issues.apache.org/jira/browse/WW-5012?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16765058#comment-16765058
]
ASF GitHub Bot commented on WW-5012:
------------------------------------
JCgH4164838Gh792C124B5 commented on pull request #324: Back-port WW-5012
improvements from PR#323 to 2.5.x:
URL: https://github.com/apache/struts/pull/324
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
[email protected]
> Make a public state check the first acceptance check in SecurityMemberAccess
> ----------------------------------------------------------------------------
>
> Key: WW-5012
> URL: https://issues.apache.org/jira/browse/WW-5012
> Project: Struts 2
> Issue Type: Improvement
> Components: Core
> Affects Versions: 2.5.20
> Environment: All environments.
> Reporter: James Chaplin
> Priority: Minor
> Labels: performance, security
> Fix For: 2.5.21, 2.6
>
>
> During discussion for WW-5004, a recommendation was made by two Apache Struts
> Team members to adjust the sequence of calls in the SecurityMemberAccess
> module.
> The recommendation was to make the member's public state check (e.g.
> checkPublicMemberAccess()) the absolute first check made during acceptance
> checks).
> This improvement would look at implementing this change for the access check
> ordering, and any minor enhancements that are applicable to the ordering
> change.
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
