(struts) 01/01: WW-5369 Re-define minimal library set

[lukaszlenart]

This is an automated email from the ASF dual-hosted git repository.

lukaszlenart pushed a commit to branch fix/WW-5369-min-lib
in repository https://gitbox.apache.org/repos/asf/struts.git

commit 72f551f40baa7c96b614b6e9f2c6ce92dd7b103e
Author: Lukasz Lenart 
AuthorDate: Thu Jan 18 06:48:12 2024 +0100

WW-5369 Re-define minimal library set
---
 assembly/src/main/assembly/min-lib.xml | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/assembly/src/main/assembly/min-lib.xml 
b/assembly/src/main/assembly/min-lib.xml
index 3cae96356..a88b175fd 100644
--- a/assembly/src/main/assembly/min-lib.xml
+++ b/assembly/src/main/assembly/min-lib.xml
@@ -41,6 +41,8 @@
 ognl:ognl
 commons-fileupload:commons-fileupload
 org.apache.commons:commons-io
+com.github.ben-manes.caffeine:caffeine
+org.javassist:javassist
   
 
   

(struts) branch fix/WW-5369-min-lib created (now 72f551f40)

[lukaszlenart]

This is an automated email from the ASF dual-hosted git repository.

lukaszlenart pushed a change to branch fix/WW-5369-min-lib
in repository https://gitbox.apache.org/repos/asf/struts.git


  at 72f551f40 WW-5369 Re-define minimal library set

This branch includes the following new commits:

 new 72f551f40 WW-5369 Re-define minimal library set

The 1 revisions listed above as "new" are entirely new to this
repository and will be described in separate emails.  The revisions
listed as "add" were already present in the repository and have only
been added to this reference.

(struts) branch feature/no-work-log deleted (was a66c97c86)

[lukaszlenart]

This is an automated email from the ASF dual-hosted git repository.

lukaszlenart pushed a change to branch feature/no-work-log
in repository https://gitbox.apache.org/repos/asf/struts.git


 was a66c97c86 Stop polluting JIRA tickets

The revisions that were on this branch are still contained in
other references; therefore, this change does not discard any commits
from the repository.

(struts) 01/01: Stop polluting JIRA tickets

[lukaszlenart]

This is an automated email from the ASF dual-hosted git repository.

lukaszlenart pushed a commit to branch feature/no-work-log
in repository https://gitbox.apache.org/repos/asf/struts.git

commit a66c97c86ec162fe34d1eadeadcaf1b77f4fdd51
Author: Lukasz Lenart 
AuthorDate: Wed Jan 17 13:38:50 2024 +0100

Stop polluting JIRA tickets
---
 .asf.yaml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/.asf.yaml b/.asf.yaml
index 673c6e25c..dea378b87 100644
--- a/.asf.yaml
+++ b/.asf.yaml
@@ -8,7 +8,7 @@ notifications:
   # Send individual PR comments/reviews to issues@
   pullrequests_comment: notificati...@struts.apache.org
   # Link opened PRs with JIRA
-  jira_options: link label worklog
+  jira_options: link label
 
 github:
   del_branch_on_merge: true

(struts) branch feature/no-work-log created (now a66c97c86)

[lukaszlenart]

This is an automated email from the ASF dual-hosted git repository.

lukaszlenart pushed a change to branch feature/no-work-log
in repository https://gitbox.apache.org/repos/asf/struts.git


  at a66c97c86 Stop polluting JIRA tickets

This branch includes the following new commits:

 new a66c97c86 Stop polluting JIRA tickets

The 1 revisions listed above as "new" are entirely new to this
repository and will be described in separate emails.  The revisions
listed as "add" were already present in the repository and have only
been added to this reference.

(struts-site) branch asf-staging updated: Updates stage by Jenkins

[git-site-role]

This is an automated email from the ASF dual-hosted git repository.

git-site-role pushed a commit to branch asf-staging
in repository https://gitbox.apache.org/repos/asf/struts-site.git


The following commit(s) were added to refs/heads/asf-staging by this push:
 new cfa365566 Updates stage by Jenkins
cfa365566 is described below

commit cfa365566dc50ce230eb32618ff15281c9af3544
Author: jenkins 
AuthorDate: Wed Jan 17 12:35:32 2024 +

Updates stage by Jenkins
---
 content/core-developers/csp-interceptor.html | 1 +
 1 file changed, 1 insertion(+)

diff --git a/content/core-developers/csp-interceptor.html 
b/content/core-developers/csp-interceptor.html
index 69a8a4684..2b161917b 100644
--- a/content/core-developers/csp-interceptor.html
+++ b/content/core-developers/csp-interceptor.html
@@ -179,6 +179,7 @@ header is sent and Content-Se
   enforcingMode 
(default false) - 
When set to “true”, the enforce mode has been enabled, and the provided policy 
 is going to be enforced.
   reportUri - an 
uri under, which the violations have to be reported.
+  prependServletContext (default true) - a flag to prepend 
or not the Servlet context to the reportUri
 
 
 Report action

(struts-site) branch feature/WW-5374-context created (now 67a554a39)

[lukaszlenart]

This is an automated email from the ASF dual-hosted git repository.

lukaszlenart pushed a change to branch feature/WW-5374-context
in repository https://gitbox.apache.org/repos/asf/struts-site.git


  at 67a554a39 WW-5374 Documents prependServletContext flag

This branch includes the following new commits:

 new 67a554a39 WW-5374 Documents prependServletContext flag

The 1 revisions listed above as "new" are entirely new to this
repository and will be described in separate emails.  The revisions
listed as "add" were already present in the repository and have only
been added to this reference.

(struts-site) 01/01: WW-5374 Documents prependServletContext flag

[lukaszlenart]

This is an automated email from the ASF dual-hosted git repository.

lukaszlenart pushed a commit to branch feature/WW-5374-context
in repository https://gitbox.apache.org/repos/asf/struts-site.git

commit 67a554a393de2c7f7bd6e8bd1aaf1d07e148abb0
Author: Lukasz Lenart 
AuthorDate: Wed Jan 17 13:26:59 2024 +0100

WW-5374 Documents prependServletContext flag
---
 source/core-developers/csp-interceptor.md | 1 +
 1 file changed, 1 insertion(+)

diff --git a/source/core-developers/csp-interceptor.md 
b/source/core-developers/csp-interceptor.md
index 23175651f..83b99f382 100644
--- a/source/core-developers/csp-interceptor.md
+++ b/source/core-developers/csp-interceptor.md
@@ -30,6 +30,7 @@ CSP is now supported by all major browsers. [More information 
about CSP](https:/
 - `enforcingMode` (default `false`) - When set to "true", the enforce mode has 
been enabled, and the provided policy 
   is going to be enforced.
 - `reportUri` - an uri under, which the violations have to be reported.
+- `prependServletContext` (default `true`) - a flag to prepend or not the 
Servlet context to the `reportUri`  
 
 ## Report action
 

(struts) branch fix/WW-5387-remove deleted (was e9738698a)

[lukaszlenart]

This is an automated email from the ASF dual-hosted git repository.

lukaszlenart pushed a change to branch fix/WW-5387-remove
in repository https://gitbox.apache.org/repos/asf/struts.git


 was e9738698a WW-5387 Fixes remove() signature

The revisions that were on this branch are still contained in
other references; therefore, this change does not discard any commits
from the repository.

(struts) branch master updated (d0ac76b9a -> fdd996c68)

[lukaszlenart]

This is an automated email from the ASF dual-hosted git repository.

lukaszlenart pushed a change to branch master
in repository https://gitbox.apache.org/repos/asf/struts.git


from d0ac76b9a Merge pull request #820 from 
apache/dependabot/maven/org.apache.commons-commons-compress-1.25.0
 add e9738698a WW-5387 Fixes remove() signature
 add fdd996c68 Merge pull request #844 from apache/fix/WW-5387-remove

No new revisions were added by this update.

Summary of changes:
 .../main/java/org/apache/struts2/dispatcher/ApplicationMap.java  | 9 +++--
 core/src/main/java/org/apache/struts2/dispatcher/RequestMap.java | 9 +++--
 .../java/org/apache/struts2/portlet/PortletApplicationMap.java   | 9 +++--
 3 files changed, 21 insertions(+), 6 deletions(-)

(struts) 01/01: WW-5374 Allows to prepend reportUri with Servlet context

[lukaszlenart]

This is an automated email from the ASF dual-hosted git repository.

lukaszlenart pushed a commit to branch fix/WW-5374-context
in repository https://gitbox.apache.org/repos/asf/struts.git

commit dc96c257d4198f1b255728f878c48840de13a3f4
Author: Lukasz Lenart 
AuthorDate: Wed Jan 17 13:22:09 2024 +0100

WW-5374 Allows to prepend reportUri with Servlet context
---
 .../struts2/interceptor/csp/CspInterceptor.java| 42 --
 .../struts2/interceptor/CspInterceptorTest.java| 37 +--
 2 files changed, 57 insertions(+), 22 deletions(-)

diff --git 
a/core/src/main/java/org/apache/struts2/interceptor/csp/CspInterceptor.java 
b/core/src/main/java/org/apache/struts2/interceptor/csp/CspInterceptor.java
index 8e4356646..aca583a32 100644
--- a/core/src/main/java/org/apache/struts2/interceptor/csp/CspInterceptor.java
+++ b/core/src/main/java/org/apache/struts2/interceptor/csp/CspInterceptor.java
@@ -43,7 +43,8 @@ public final class CspInterceptor extends AbstractInterceptor 
{
 
 private static final Logger LOG = 
LogManager.getLogger(CspInterceptor.class);
 
-private Boolean enforcingMode;
+private boolean prependServletContext = true;
+private boolean enforcingMode;
 private String reportUri;
 
 @Override
@@ -60,17 +61,22 @@ public final class CspInterceptor extends 
AbstractInterceptor {
 }
 
 private void applySettings(ActionInvocation invocation, CspSettings 
cspSettings) {
-if (enforcingMode != null) {
-LOG.trace("Applying: {} to enforcingMode", enforcingMode);
-cspSettings.setEnforcingMode(enforcingMode);
-}
+HttpServletRequest request = 
invocation.getInvocationContext().getServletRequest();
+HttpServletResponse response = 
invocation.getInvocationContext().getServletResponse();
+
+LOG.trace("Applying: {} to enforcingMode", enforcingMode);
+cspSettings.setEnforcingMode(enforcingMode);
+
 if (reportUri != null) {
 LOG.trace("Applying: {} to reportUri", reportUri);
-cspSettings.setReportUri(reportUri);
-}
+String finalReportUri = reportUri;
 
-HttpServletRequest request = 
invocation.getInvocationContext().getServletRequest();
-HttpServletResponse response = 
invocation.getInvocationContext().getServletResponse();
+if (prependServletContext && (request.getContextPath() != null) && 
(!request.getContextPath().isEmpty())) {
+finalReportUri = request.getContextPath() + finalReportUri;
+}
+
+cspSettings.setReportUri(finalReportUri);
+}
 
 invocation.addPreResultListener((actionInvocation, resultCode) -> {
 LOG.trace("Applying CSP header: {} to the request", cspSettings);
@@ -99,8 +105,22 @@ public final class CspInterceptor extends 
AbstractInterceptor {
 }
 }
 
-public void setEnforcingMode(String value) {
-this.enforcingMode = Boolean.parseBoolean(value);
+/**
+ * Enables enforcing mode, by default all exceptions are only reported
+ *
+ * @param enforcingMode true to enable enforcing mode, 
false to keep reporting mode.
+ */
+public void setEnforcingMode(boolean enforcingMode) {
+this.enforcingMode = enforcingMode;
+}
+
+/**
+ * Sets whether to prepend the servlet context path to the {@link 
#reportUri}.
+ *
+ * @param prependServletContext true to prepend the location with the 
servlet context path, false otherwise.
+ */
+public void setPrependServletContext(boolean prependServletContext) {
+this.prependServletContext = prependServletContext;
 }
 
 }
diff --git 
a/core/src/test/java/org/apache/struts2/interceptor/CspInterceptorTest.java 
b/core/src/test/java/org/apache/struts2/interceptor/CspInterceptorTest.java
index 2811b289f..38ef25b82 100644
--- a/core/src/test/java/org/apache/struts2/interceptor/CspInterceptorTest.java
+++ b/core/src/test/java/org/apache/struts2/interceptor/CspInterceptorTest.java
@@ -22,6 +22,7 @@ import com.opensymphony.xwork2.ActionContext;
 import com.opensymphony.xwork2.mock.MockActionInvocation;
 import org.apache.logging.log4j.util.Strings;
 import org.apache.struts2.StrutsInternalTestCase;
+import org.apache.struts2.TestAction;
 import org.apache.struts2.action.CspSettingsAware;
 import org.apache.struts2.dispatcher.SessionMap;
 import org.apache.struts2.interceptor.csp.CspInterceptor;
@@ -45,7 +46,7 @@ public class CspInterceptorTest extends 
StrutsInternalTestCase {
 
 public void 
test_whenRequestReceived_thenNonceIsSetInSession_andCspHeaderContainsIt() 
throws Exception {
 String reportUri = "/barfoo";
-String reporting = "false";
+boolean reporting = false;
 interceptor.setReportUri(reportUri);
 interceptor.setEnforcingMode(reporting);
 
@@ -58,7 +59,7 @@ public class CspInterceptorTest extends 
StrutsInternalTestCase {
 
 public void 

(struts) branch fix/WW-5374-context created (now dc96c257d)

[lukaszlenart]

This is an automated email from the ASF dual-hosted git repository.

lukaszlenart pushed a change to branch fix/WW-5374-context
in repository https://gitbox.apache.org/repos/asf/struts.git


  at dc96c257d WW-5374 Allows to prepend reportUri with Servlet context

This branch includes the following new commits:

 new dc96c257d WW-5374 Allows to prepend reportUri with Servlet context

The 1 revisions listed above as "new" are entirely new to this
repository and will be described in separate emails.  The revisions
listed as "add" were already present in the repository and have only
been added to this reference.