[
https://issues.apache.org/jira/browse/WW-5408?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Kusal Kithul-Godage resolved WW-5408.
-------------------------------------
Resolution: Fixed
> Add option to NOT fallback to empty namespace when unresolved
> -------------------------------------------------------------
>
> Key: WW-5408
> URL: https://issues.apache.org/jira/browse/WW-5408
> Project: Struts 2
> Issue Type: Improvement
> Components: Core
> Reporter: Kusal Kithul-Godage
> Priority: Minor
> Fix For: 6.5.0
>
> Time Spent: 1h 40m
> Remaining Estimate: 0h
>
> Currently, when a namespace cannot be resolved from a request URL, it falls
> back to the empty namespace.
> This effectively allows all Actions which are defined for the empty namespace
> to be accessed from an infinite number of endpoints.
> For example, you may have an Action defined in the empty namespace, intended
> for access at:
> {{www.domain.com/login.action}}
> However, due to the current fallback behaviour, this Action can actually be
> accessed at any non-resolving namespace, eg.:
> {{www.domain.com/what/about/this/login.action}}
> This behaviour is not usually beneficial and could lead to bugs if a
> developer only expects their Action to be accessible at a very specific URL.
> Many developers may not be aware of these Action resolving quirks of Struts.
> As far as I can tell, there is not currently an option to prevent this
> behaviour, so I propose we add one.
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
