[struts-site] branch asf-site updated: Updates production by Jenkins
This is an automated email from the ASF dual-hosted git repository. git-site-role pushed a commit to branch asf-site in repository https://gitbox.apache.org/repos/asf/struts-site.git The following commit(s) were added to refs/heads/asf-site by this push: new b74d6fe Updates production by Jenkins b74d6fe is described below commit b74d6feceb5c58cb99321f6cf184255643b7400c Author: jenkins AuthorDate: Wed Jan 23 09:46:02 2019 + Updates production by Jenkins --- content/core-developers/interceptors.html | 2 +- content/core-developers/struts-default-xml.html | 2 +- content/index.html | 4 ++-- 3 files changed, 4 insertions(+), 4 deletions(-) diff --git a/content/core-developers/interceptors.html b/content/core-developers/interceptors.html index c74b793..1d227bf 100644 --- a/content/core-developers/interceptors.html +++ b/content/core-developers/interceptors.html @@ -338,7 +338,7 @@ than reiterate the same list of Interceptors, we can bundle these Interceptors t bean type="com.opensymphony.xwork2.conversion.impl.XWorkConverter" name="struts" class="com.opensymphony.xwork2.conversion.impl.XWorkConverter" / -bean type="com.opensymphony.xwork2.conversion.ConversionPropertiesProcessor" name="struts" class="com.opensymphony.xwork2.conversion.impl.DefaultConversionPropertiesProcessor" / +bean type="com.opensymphony.xwork2.conversion.ConversionPropertiesProcessor" name="struts" class="org.apache.struts2.conversion.StrutsConversionPropertiesProcessor" / bean type="com.opensymphony.xwork2.conversion.ConversionFileProcessor" name="struts" class="com.opensymphony.xwork2.conversion.impl.DefaultConversionFileProcessor" / bean type="com.opensymphony.xwork2.conversion.ConversionAnnotationProcessor" name="struts" class="com.opensymphony.xwork2.conversion.impl.DefaultConversionAnnotationProcessor" / bean type="com.opensymphony.xwork2.conversion.TypeConverterCreator" name="struts" class="org.apache.struts2.conversion.StrutsTypeConverterCreator" / diff --git a/content/core-developers/struts-default-xml.html b/content/core-developers/struts-default-xml.html index 41a296c..60be1a0 100644 --- a/content/core-developers/struts-default-xml.html +++ b/content/core-developers/struts-default-xml.html @@ -253,7 +253,7 @@ setting in struts.properties. bean type="com.opensymphony.xwork2.conversion.impl.XWorkConverter" name="struts" class="com.opensymphony.xwork2.conversion.impl.XWorkConverter" / -bean type="com.opensymphony.xwork2.conversion.ConversionPropertiesProcessor" name="struts" class="com.opensymphony.xwork2.conversion.impl.DefaultConversionPropertiesProcessor" / +bean type="com.opensymphony.xwork2.conversion.ConversionPropertiesProcessor" name="struts" class="org.apache.struts2.conversion.StrutsConversionPropertiesProcessor" / bean type="com.opensymphony.xwork2.conversion.ConversionFileProcessor" name="struts" class="com.opensymphony.xwork2.conversion.impl.DefaultConversionFileProcessor" / bean type="com.opensymphony.xwork2.conversion.ConversionAnnotationProcessor" name="struts" class="com.opensymphony.xwork2.conversion.impl.DefaultConversionAnnotationProcessor" / bean type="com.opensymphony.xwork2.conversion.TypeConverterCreator" name="struts" class="org.apache.struts2.conversion.StrutsTypeConverterCreator" / diff --git a/content/index.html b/content/index.html index b33e8e1..8e09543 100644 --- a/content/index.html +++ b/content/index.html @@ -174,7 +174,7 @@ The Apache Struts Team recommends to immediately upgrade your Struts 2 based projects to use the latest released version of Commons FileUpload library, which is currently 1.3.3. - Announcement + Announcement @@ -182,7 +182,7 @@ The Apache Struts Team informs about discontinuing support for Struts 2.3.x branch in 6 months, you can expect only support in case of security issues and we recommend migration to the latest version of Struts, read more in - Announcement + Announcement
[struts-site] branch master updated: Fixes urls to announcements from 2018
This is an automated email from the ASF dual-hosted git repository. lukaszlenart pushed a commit to branch master in repository https://gitbox.apache.org/repos/asf/struts-site.git The following commit(s) were added to refs/heads/master by this push: new 4995350 Fixes urls to announcements from 2018 4995350 is described below commit 49953502c5001244e06d4c552eeda7ca31b24689 Author: Lukasz Lenart AuthorDate: Wed Jan 23 10:31:05 2019 +0100 Fixes urls to announcements from 2018 --- source/index.html | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/source/index.html b/source/index.html index e8b185f..6084881 100644 --- a/source/index.html +++ b/source/index.html @@ -54,7 +54,7 @@ title: Welcome to the Apache Struts project The Apache Struts Team recommends to immediately upgrade your Struts 2 based projects to use the latest released version of Commons FileUpload library, which is currently 1.3.3. - Announcement + Announcement @@ -62,7 +62,7 @@ title: Welcome to the Apache Struts project The Apache Struts Team informs about discontinuing support for Struts 2.3.x branch in 6 months, you can expect only support in case of security issues and we recommend migration to the latest version of Struts, read more in - Announcement + Announcement
[struts] branch struts-2-5-x updated: Minor cleanup/consistency changes for 3 modules. - Made a private ConcurrentMap reference final, made initial sets immutable (consistency). - Made sets for Accept
This is an automated email from the ASF dual-hosted git repository.
yasserzamani pushed a commit to branch struts-2-5-x
in repository https://gitbox.apache.org/repos/asf/struts.git
The following commit(s) were added to refs/heads/struts-2-5-x by this push:
new 881e1b2 Minor cleanup/consistency changes for 3 modules. - Made a
private ConcurrentMap reference final, made initial sets immutable
(consistency). - Made sets for Accepted and Excluded patterns checkers
immutable in 2 modules (consistency). - Added @Override annotations missing
from a few methods in 2 modules. - Updated the 3 relevant unit tests to verify
immutable states of various sets.
new c9f279e Merge pull request #314 from
JCgH4164838Gh792C124B5/localS2_25x_B2
881e1b2 is described below
commit 881e1b2580ee51dd4790dc0497bbb2a6200c89b6
Author: JCgH4164838Gh792C124B5
<43964333+jcgh4164838gh792c12...@users.noreply.github.com>
AuthorDate: Fri Jan 18 00:09:29 2019 -0500
Minor cleanup/consistency changes for 3 modules.
- Made a private ConcurrentMap reference final, made initial sets immutable
(consistency).
- Made sets for Accepted and Excluded patterns checkers immutable in 2
modules (consistency).
- Added @Override annotations missing from a few methods in 2 modules.
- Updated the 3 relevant unit tests to verify immutable states of various
sets.
---
.../com/opensymphony/xwork2/ognl/OgnlUtil.java | 5 +-
.../security/DefaultAcceptedPatternsChecker.java | 31 +++-
.../security/DefaultExcludedPatternsChecker.java | 33 -
.../com/opensymphony/xwork2/ognl/OgnlUtilTest.java | 164 +
.../DefaultAcceptedPatternsCheckerTest.java| 62
.../DefaultExcludedPatternsCheckerTest.java| 63
6 files changed, 344 insertions(+), 14 deletions(-)
diff --git a/core/src/main/java/com/opensymphony/xwork2/ognl/OgnlUtil.java
b/core/src/main/java/com/opensymphony/xwork2/ognl/OgnlUtil.java
index c58d14e..20be3dc 100644
--- a/core/src/main/java/com/opensymphony/xwork2/ognl/OgnlUtil.java
+++ b/core/src/main/java/com/opensymphony/xwork2/ognl/OgnlUtil.java
@@ -54,7 +54,7 @@ public class OgnlUtil {
private static final Logger LOG = LogManager.getLogger(OgnlUtil.class);
-private ConcurrentMap expressions = new
ConcurrentHashMap<>();
+private final ConcurrentMap expressions = new
ConcurrentHashMap<>();
private final ConcurrentMap beanInfoCache = new
ConcurrentHashMap<>();
private TypeConverter defaultConverter;
@@ -74,6 +74,9 @@ public class OgnlUtil {
excludedClasses = new HashSet<>();
excludedPackageNamePatterns = new HashSet<>();
excludedPackageNames = new HashSet<>();
+excludedClasses = Collections.unmodifiableSet(excludedClasses);
+excludedPackageNamePatterns =
Collections.unmodifiableSet(excludedPackageNamePatterns);
+excludedPackageNames =
Collections.unmodifiableSet(excludedPackageNames);
}
@Inject
diff --git
a/core/src/main/java/com/opensymphony/xwork2/security/DefaultAcceptedPatternsChecker.java
b/core/src/main/java/com/opensymphony/xwork2/security/DefaultAcceptedPatternsChecker.java
index 30eacef..38f2b7e 100644
---
a/core/src/main/java/com/opensymphony/xwork2/security/DefaultAcceptedPatternsChecker.java
+++
b/core/src/main/java/com/opensymphony/xwork2/security/DefaultAcceptedPatternsChecker.java
@@ -25,6 +25,7 @@ import org.apache.logging.log4j.LogManager;
import org.apache.logging.log4j.Logger;
import java.util.Arrays;
+import java.util.Collections;
import java.util.HashSet;
import java.util.Set;
import java.util.regex.Pattern;
@@ -48,27 +49,39 @@ public class DefaultAcceptedPatternsChecker implements
AcceptedPatternsChecker {
LOG.warn("Overriding accepted patterns [{}] with [{}], be aware that
this affects all instances and safety of your application!",
acceptedPatterns, acceptablePatterns);
acceptedPatterns = new HashSet<>();
-for (String pattern :
TextParseUtil.commaDelimitedStringToSet(acceptablePatterns)) {
-acceptedPatterns.add(Pattern.compile(pattern,
Pattern.CASE_INSENSITIVE));
+try {
+for (String pattern :
TextParseUtil.commaDelimitedStringToSet(acceptablePatterns)) {
+acceptedPatterns.add(Pattern.compile(pattern,
Pattern.CASE_INSENSITIVE));
+}
+} finally {
+acceptedPatterns = Collections.unmodifiableSet(acceptedPatterns);
}
}
@Inject(value = XWorkConstants.ADDITIONAL_ACCEPTED_PATTERNS, required =
false)
protected void setAdditionalAcceptedPatterns(String acceptablePatterns) {
LOG.warn("Adding additional global patterns [{}] to accepted
patterns!", acceptablePatterns);
-for (String pattern :
TextParseUtil.commaDelimitedStringToSet(acceptablePatterns)) {
-acceptedPatterns.add(Pattern.compile(pattern,
Pattern.CASE_INSENSITIVE));
+
