[struts-site] branch asf-site updated: Updates production by Jenkins
This is an automated email from the ASF dual-hosted git repository. git-site-role pushed a commit to branch asf-site in repository https://gitbox.apache.org/repos/asf/struts-site.git The following commit(s) were added to refs/heads/asf-site by this push: new b74d6fe Updates production by Jenkins b74d6fe is described below commit b74d6feceb5c58cb99321f6cf184255643b7400c Author: jenkins AuthorDate: Wed Jan 23 09:46:02 2019 + Updates production by Jenkins --- content/core-developers/interceptors.html | 2 +- content/core-developers/struts-default-xml.html | 2 +- content/index.html | 4 ++-- 3 files changed, 4 insertions(+), 4 deletions(-) diff --git a/content/core-developers/interceptors.html b/content/core-developers/interceptors.html index c74b793..1d227bf 100644 --- a/content/core-developers/interceptors.html +++ b/content/core-developers/interceptors.html @@ -338,7 +338,7 @@ than reiterate the same list of Interceptors, we can bundle these Interceptors t bean type="com.opensymphony.xwork2.conversion.impl.XWorkConverter" name="struts" class="com.opensymphony.xwork2.conversion.impl.XWorkConverter" / -bean type="com.opensymphony.xwork2.conversion.ConversionPropertiesProcessor" name="struts" class="com.opensymphony.xwork2.conversion.impl.DefaultConversionPropertiesProcessor" / +bean type="com.opensymphony.xwork2.conversion.ConversionPropertiesProcessor" name="struts" class="org.apache.struts2.conversion.StrutsConversionPropertiesProcessor" / bean type="com.opensymphony.xwork2.conversion.ConversionFileProcessor" name="struts" class="com.opensymphony.xwork2.conversion.impl.DefaultConversionFileProcessor" / bean type="com.opensymphony.xwork2.conversion.ConversionAnnotationProcessor" name="struts" class="com.opensymphony.xwork2.conversion.impl.DefaultConversionAnnotationProcessor" / bean type="com.opensymphony.xwork2.conversion.TypeConverterCreator" name="struts" class="org.apache.struts2.conversion.StrutsTypeConverterCreator" / diff --git a/content/core-developers/struts-default-xml.html b/content/core-developers/struts-default-xml.html index 41a296c..60be1a0 100644 --- a/content/core-developers/struts-default-xml.html +++ b/content/core-developers/struts-default-xml.html @@ -253,7 +253,7 @@ setting in struts.properties. bean type="com.opensymphony.xwork2.conversion.impl.XWorkConverter" name="struts" class="com.opensymphony.xwork2.conversion.impl.XWorkConverter" / -bean type="com.opensymphony.xwork2.conversion.ConversionPropertiesProcessor" name="struts" class="com.opensymphony.xwork2.conversion.impl.DefaultConversionPropertiesProcessor" / +bean type="com.opensymphony.xwork2.conversion.ConversionPropertiesProcessor" name="struts" class="org.apache.struts2.conversion.StrutsConversionPropertiesProcessor" / bean type="com.opensymphony.xwork2.conversion.ConversionFileProcessor" name="struts" class="com.opensymphony.xwork2.conversion.impl.DefaultConversionFileProcessor" / bean type="com.opensymphony.xwork2.conversion.ConversionAnnotationProcessor" name="struts" class="com.opensymphony.xwork2.conversion.impl.DefaultConversionAnnotationProcessor" / bean type="com.opensymphony.xwork2.conversion.TypeConverterCreator" name="struts" class="org.apache.struts2.conversion.StrutsTypeConverterCreator" / diff --git a/content/index.html b/content/index.html index b33e8e1..8e09543 100644 --- a/content/index.html +++ b/content/index.html @@ -174,7 +174,7 @@ The Apache Struts Team recommends to immediately upgrade your Struts 2 based projects to use the latest released version of Commons FileUpload library, which is currently 1.3.3. - Announcement + Announcement @@ -182,7 +182,7 @@ The Apache Struts Team informs about discontinuing support for Struts 2.3.x branch in 6 months, you can expect only support in case of security issues and we recommend migration to the latest version of Struts, read more in - Announcement + Announcement
[struts-site] branch master updated: Fixes urls to announcements from 2018
This is an automated email from the ASF dual-hosted git repository. lukaszlenart pushed a commit to branch master in repository https://gitbox.apache.org/repos/asf/struts-site.git The following commit(s) were added to refs/heads/master by this push: new 4995350 Fixes urls to announcements from 2018 4995350 is described below commit 49953502c5001244e06d4c552eeda7ca31b24689 Author: Lukasz Lenart AuthorDate: Wed Jan 23 10:31:05 2019 +0100 Fixes urls to announcements from 2018 --- source/index.html | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/source/index.html b/source/index.html index e8b185f..6084881 100644 --- a/source/index.html +++ b/source/index.html @@ -54,7 +54,7 @@ title: Welcome to the Apache Struts project The Apache Struts Team recommends to immediately upgrade your Struts 2 based projects to use the latest released version of Commons FileUpload library, which is currently 1.3.3. - Announcement + Announcement @@ -62,7 +62,7 @@ title: Welcome to the Apache Struts project The Apache Struts Team informs about discontinuing support for Struts 2.3.x branch in 6 months, you can expect only support in case of security issues and we recommend migration to the latest version of Struts, read more in - Announcement + Announcement
[struts] branch struts-2-5-x updated: Minor cleanup/consistency changes for 3 modules. - Made a private ConcurrentMap reference final, made initial sets immutable (consistency). - Made sets for Accept
This is an automated email from the ASF dual-hosted git repository. yasserzamani pushed a commit to branch struts-2-5-x in repository https://gitbox.apache.org/repos/asf/struts.git The following commit(s) were added to refs/heads/struts-2-5-x by this push: new 881e1b2 Minor cleanup/consistency changes for 3 modules. - Made a private ConcurrentMap reference final, made initial sets immutable (consistency). - Made sets for Accepted and Excluded patterns checkers immutable in 2 modules (consistency). - Added @Override annotations missing from a few methods in 2 modules. - Updated the 3 relevant unit tests to verify immutable states of various sets. new c9f279e Merge pull request #314 from JCgH4164838Gh792C124B5/localS2_25x_B2 881e1b2 is described below commit 881e1b2580ee51dd4790dc0497bbb2a6200c89b6 Author: JCgH4164838Gh792C124B5 <43964333+jcgh4164838gh792c12...@users.noreply.github.com> AuthorDate: Fri Jan 18 00:09:29 2019 -0500 Minor cleanup/consistency changes for 3 modules. - Made a private ConcurrentMap reference final, made initial sets immutable (consistency). - Made sets for Accepted and Excluded patterns checkers immutable in 2 modules (consistency). - Added @Override annotations missing from a few methods in 2 modules. - Updated the 3 relevant unit tests to verify immutable states of various sets. --- .../com/opensymphony/xwork2/ognl/OgnlUtil.java | 5 +- .../security/DefaultAcceptedPatternsChecker.java | 31 +++- .../security/DefaultExcludedPatternsChecker.java | 33 - .../com/opensymphony/xwork2/ognl/OgnlUtilTest.java | 164 + .../DefaultAcceptedPatternsCheckerTest.java| 62 .../DefaultExcludedPatternsCheckerTest.java| 63 6 files changed, 344 insertions(+), 14 deletions(-) diff --git a/core/src/main/java/com/opensymphony/xwork2/ognl/OgnlUtil.java b/core/src/main/java/com/opensymphony/xwork2/ognl/OgnlUtil.java index c58d14e..20be3dc 100644 --- a/core/src/main/java/com/opensymphony/xwork2/ognl/OgnlUtil.java +++ b/core/src/main/java/com/opensymphony/xwork2/ognl/OgnlUtil.java @@ -54,7 +54,7 @@ public class OgnlUtil { private static final Logger LOG = LogManager.getLogger(OgnlUtil.class); -private ConcurrentMap expressions = new ConcurrentHashMap<>(); +private final ConcurrentMap expressions = new ConcurrentHashMap<>(); private final ConcurrentMap beanInfoCache = new ConcurrentHashMap<>(); private TypeConverter defaultConverter; @@ -74,6 +74,9 @@ public class OgnlUtil { excludedClasses = new HashSet<>(); excludedPackageNamePatterns = new HashSet<>(); excludedPackageNames = new HashSet<>(); +excludedClasses = Collections.unmodifiableSet(excludedClasses); +excludedPackageNamePatterns = Collections.unmodifiableSet(excludedPackageNamePatterns); +excludedPackageNames = Collections.unmodifiableSet(excludedPackageNames); } @Inject diff --git a/core/src/main/java/com/opensymphony/xwork2/security/DefaultAcceptedPatternsChecker.java b/core/src/main/java/com/opensymphony/xwork2/security/DefaultAcceptedPatternsChecker.java index 30eacef..38f2b7e 100644 --- a/core/src/main/java/com/opensymphony/xwork2/security/DefaultAcceptedPatternsChecker.java +++ b/core/src/main/java/com/opensymphony/xwork2/security/DefaultAcceptedPatternsChecker.java @@ -25,6 +25,7 @@ import org.apache.logging.log4j.LogManager; import org.apache.logging.log4j.Logger; import java.util.Arrays; +import java.util.Collections; import java.util.HashSet; import java.util.Set; import java.util.regex.Pattern; @@ -48,27 +49,39 @@ public class DefaultAcceptedPatternsChecker implements AcceptedPatternsChecker { LOG.warn("Overriding accepted patterns [{}] with [{}], be aware that this affects all instances and safety of your application!", acceptedPatterns, acceptablePatterns); acceptedPatterns = new HashSet<>(); -for (String pattern : TextParseUtil.commaDelimitedStringToSet(acceptablePatterns)) { -acceptedPatterns.add(Pattern.compile(pattern, Pattern.CASE_INSENSITIVE)); +try { +for (String pattern : TextParseUtil.commaDelimitedStringToSet(acceptablePatterns)) { +acceptedPatterns.add(Pattern.compile(pattern, Pattern.CASE_INSENSITIVE)); +} +} finally { +acceptedPatterns = Collections.unmodifiableSet(acceptedPatterns); } } @Inject(value = XWorkConstants.ADDITIONAL_ACCEPTED_PATTERNS, required = false) protected void setAdditionalAcceptedPatterns(String acceptablePatterns) { LOG.warn("Adding additional global patterns [{}] to accepted patterns!", acceptablePatterns); -for (String pattern : TextParseUtil.commaDelimitedStringToSet(acceptablePatterns)) { -acceptedPatterns.add(Pattern.compile(pattern, Pattern.CASE_INSENSITIVE)); +