On 3/19/07, Allen Gilliland <[EMAIL PROTECTED]> wrote:
I'd like to suggest that we do one more thing to fix this problem
starting in the current trunk. I'd like to go ahead and make our pojo
wrappers static so that we can place custom code in various methods to
handle situations like this. The problem with the current fix is that
it relies on the fact that people are using the macros and that can't be
guaranteed, so to truly solve this problem we need the functionality to
be in the pojo wrappers themselves so that there is no way to get
unescaped data.
So to do this all I am planning to do is copy the current generated
wrappers into the actual source tree and commit them, then modify the
various getXXX() methods on the CommentDataWrapper so that they escape
the data.
Not only does this help fix this security issue at the very root level,
but it will also open up opportunities to do more with our wrappers
general. So is anyone else opposed to making the pojo wrappers static?
I don't think this change would need to be back ported to older
releases, so it would just go into the current trunk.
I'm +0 on this.
It eliminates one reason we need XDoclet, that's good.
It opens opportunities for smarter POJO wrappers, which is good --
but, other than comments security what else can we use that for?
It adds more code to maintain and more code to update when a new field
or POJO is added, but I guess with a good IDE that work is negligible.
So unless somebody else has some good solid objections, go for it.
- Dave
