[
https://issues.apache.org/jira/browse/WW-5498?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Lukasz Lenart reassigned WW-5498:
---------------------------------
Assignee: Lukasz Lenart
> <s:token /> with devMode enabled causes actionError
> ---------------------------------------------------
>
> Key: WW-5498
> URL: https://issues.apache.org/jira/browse/WW-5498
> Project: Struts 2
> Issue Type: Bug
> Affects Versions: 6.7.0
> Reporter: Jon Pulice
> Assignee: Lukasz Lenart
> Priority: Minor
> Fix For: 6.7.1, 7.0.1
>
> Time Spent: 10m
> Remaining Estimate: 0h
>
> When we upgraded Struts to 6.7.0, any form with a <s:token /> field now fails
> to submit as a result of an actionError only when devMode is enabled
> We see the following error in the logs:
> {noformat}
> ERROR org.apache.struts2.interceptor.parameter.ParametersInterceptor -
> Developer Notification (set struts.devMode to false to disable this message):
> Unexpected Exception caught setting 'token' on 'class com.example.TestAction:
> Error setting expression 'token' with value
> ['XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX', ]
> {noformat}
> And the following actionError
> {noformat}
> Developer Notification (set struts.devMode to false to disable this message):
> Unexpected Exception caught setting 'token' on 'class com.example.TestAction:
> Error setting expression 'token' with value
> ['XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX', ]
> {noformat}
> If devMode is disabled, then no exception is logged and there are no issues.
>
> In Struts 6.4.0, the behaviour was different. The exception is still reported
> in the logs when devMode is enabled, but instead of an actionError being
> added that prevents form submission, an actionMessage is created:
> {noformat}
> [Error setting expression 'token' with value
> ['XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX', ]]
> {noformat}
>
> I don't think the Action need to be aware of the token value since the
> TokenInterceptor is handling the validation/logic.
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
