[jira] [Commented] (WW-4427) Converters no longer applied to values coming from the context
[
https://issues.apache.org/jira/browse/WW-4427?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14256734#comment-14256734
]
ASF GitHub Bot commented on WW-4427:
Github user lukaszlenart commented on a diff in the pull request:
https://github.com/apache/struts/pull/32#discussion_r22206741
--- Diff:
xwork-core/src/main/java/com/opensymphony/xwork2/ognl/OgnlValueStack.java ---
@@ -351,6 +352,7 @@ private Object tryFindValue(String expr, Class asType)
throws OgnlException {
value = getValue(expr, asType);
if (value == null) {
value = findInContext(expr);
+return converter.convertValue(getContext(), value, asType);
--- End diff --
What will happen when value from context is null? Should it be converted?
Can you add additional test case?
> Converters no longer applied to values coming from the context
> --
>
> Key: WW-4427
> URL: https://issues.apache.org/jira/browse/WW-4427
> Project: Struts 2
> Issue Type: Bug
>Affects Versions: 2.3.16.1
>Reporter: Przemek Bruski
> Fix For: 2.3.21
>
> Attachments: struts_patch.diff
>
>
> As a side effect of 4c45a9433bae5fe3fcad5acd95e4f437e548d075 , conversion is
> no longer applied to values coming directly from OGNL context.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
[jira] [Commented] (WW-4427) Converters no longer applied to values coming from the context
[
https://issues.apache.org/jira/browse/WW-4427?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14257057#comment-14257057
]
ASF GitHub Bot commented on WW-4427:
Github user lukaszlenart commented on a diff in the pull request:
https://github.com/apache/struts/pull/32#discussion_r22218137
--- Diff:
xwork-core/src/main/java/com/opensymphony/xwork2/ognl/OgnlValueStack.java ---
@@ -351,6 +352,7 @@ private Object tryFindValue(String expr, Class asType)
throws OgnlException {
value = getValue(expr, asType);
if (value == null) {
value = findInContext(expr);
+return converter.convertValue(getContext(), value, asType);
--- End diff --
I've added it, time to merge :)
> Converters no longer applied to values coming from the context
> --
>
> Key: WW-4427
> URL: https://issues.apache.org/jira/browse/WW-4427
> Project: Struts 2
> Issue Type: Bug
>Affects Versions: 2.3.16.1
>Reporter: Przemek Bruski
> Fix For: 2.3.21
>
> Attachments: struts_patch.diff
>
>
> As a side effect of 4c45a9433bae5fe3fcad5acd95e4f437e548d075 , conversion is
> no longer applied to values coming directly from OGNL context.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
[jira] [Commented] (WW-4427) Converters no longer applied to values coming from the context
[ https://issues.apache.org/jira/browse/WW-4427?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14257063#comment-14257063 ] ASF GitHub Bot commented on WW-4427: Github user asfgit closed the pull request at: https://github.com/apache/struts/pull/32 > Converters no longer applied to values coming from the context > -- > > Key: WW-4427 > URL: https://issues.apache.org/jira/browse/WW-4427 > Project: Struts 2 > Issue Type: Bug >Affects Versions: 2.3.16.1 >Reporter: Przemek Bruski > Fix For: 2.3.21 > > Attachments: struts_patch.diff > > > As a side effect of 4c45a9433bae5fe3fcad5acd95e4f437e548d075 , conversion is > no longer applied to values coming directly from OGNL context. -- This message was sent by Atlassian JIRA (v6.3.4#6332)
[jira] [Commented] (WW-4427) Converters no longer applied to values coming from the context
[
https://issues.apache.org/jira/browse/WW-4427?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14257545#comment-14257545
]
ASF GitHub Bot commented on WW-4427:
Github user pbruski commented on a diff in the pull request:
https://github.com/apache/struts/pull/32#discussion_r22236102
--- Diff:
xwork-core/src/main/java/com/opensymphony/xwork2/ognl/OgnlValueStack.java ---
@@ -351,6 +352,7 @@ private Object tryFindValue(String expr, Class asType)
throws OgnlException {
value = getValue(expr, asType);
if (value == null) {
value = findInContext(expr);
+return converter.convertValue(getContext(), value, asType);
--- End diff --
thanks!
> Converters no longer applied to values coming from the context
> --
>
> Key: WW-4427
> URL: https://issues.apache.org/jira/browse/WW-4427
> Project: Struts 2
> Issue Type: Bug
>Affects Versions: 2.3.16.1
>Reporter: Przemek Bruski
>Assignee: Lukasz Lenart
> Fix For: 2.3.21
>
> Attachments: struts_patch.diff
>
>
> As a side effect of 4c45a9433bae5fe3fcad5acd95e4f437e548d075 , conversion is
> no longer applied to values coming directly from OGNL context.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
[jira] [Commented] (WW-4406) TextTagTest fails under JDK7 with different default locales
[ https://issues.apache.org/jira/browse/WW-4406?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14259996#comment-14259996 ] ASF GitHub Bot commented on WW-4406: Github user asfgit closed the pull request at: https://github.com/apache/struts/pull/27 > TextTagTest fails under JDK7 with different default locales > --- > > Key: WW-4406 > URL: https://issues.apache.org/jira/browse/WW-4406 > Project: Struts 2 > Issue Type: Bug > Components: Unit Tests >Affects Versions: 2.3.20 >Reporter: Aleksandr Mashchenko >Priority: Trivial > Labels: patch > Fix For: 2.3.21 > > > TextTagTest#testMessageFormatWorks fails under JDK7 on machines with > different default locales for formatting and displaying. -- This message was sent by Atlassian JIRA (v6.3.4#6332)
[jira] [Commented] (WW-4399) struts2-archetype-angularjs uses absolute paths
[ https://issues.apache.org/jira/browse/WW-4399?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=1426#comment-1426 ] ASF GitHub Bot commented on WW-4399: Github user lukaszlenart commented on the pull request: https://github.com/apache/struts/pull/24#issuecomment-68246309 @aleksandr-m can you close this PR? > struts2-archetype-angularjs uses absolute paths > --- > > Key: WW-4399 > URL: https://issues.apache.org/jira/browse/WW-4399 > Project: Struts 2 > Issue Type: Bug >Affects Versions: 2.3.16.3 >Reporter: Aleksandr Mashchenko >Assignee: Johannes Geppert >Priority: Minor > Labels: angularjs, archetype, patch > Fix For: 2.3.20 > > > Application created with struts2-archetype-angularjs will fail when it is > deployed not in the root context -- This message was sent by Atlassian JIRA (v6.3.4#6332)
[jira] [Commented] (WW-4413) Improve JSON interceptor to handle JSON arrays
[ https://issues.apache.org/jira/browse/WW-4413?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14260012#comment-14260012 ] ASF GitHub Bot commented on WW-4413: Github user asfgit closed the pull request at: https://github.com/apache/struts/pull/28 > Improve JSON interceptor to handle JSON arrays > -- > > Key: WW-4413 > URL: https://issues.apache.org/jira/browse/WW-4413 > Project: Struts 2 > Issue Type: Improvement > Components: Plugin - JSON >Affects Versions: 2.3.16.3 >Reporter: Aleksandr Mashchenko > Fix For: 2.3.21 > > > Currently JSON interceptor fails if request holds a JSON array. This PR adds > the ability to handle JSON arrays. > NOTE: root attribute must be set on the JSONInterceptor when dealing with > JSON array. -- This message was sent by Atlassian JIRA (v6.3.4#6332)
[jira] [Commented] (WW-4399) struts2-archetype-angularjs uses absolute paths
[ https://issues.apache.org/jira/browse/WW-4399?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14260362#comment-14260362 ] ASF GitHub Bot commented on WW-4399: Github user aleksandr-m closed the pull request at: https://github.com/apache/struts/pull/24 > struts2-archetype-angularjs uses absolute paths > --- > > Key: WW-4399 > URL: https://issues.apache.org/jira/browse/WW-4399 > Project: Struts 2 > Issue Type: Bug >Affects Versions: 2.3.16.3 >Reporter: Aleksandr Mashchenko >Assignee: Johannes Geppert >Priority: Minor > Labels: angularjs, archetype, patch > Fix For: 2.3.20 > > > Application created with struts2-archetype-angularjs will fail when it is > deployed not in the root context -- This message was sent by Atlassian JIRA (v6.3.4#6332)
[jira] [Commented] (WW-4399) struts2-archetype-angularjs uses absolute paths
[ https://issues.apache.org/jira/browse/WW-4399?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14260361#comment-14260361 ] ASF GitHub Bot commented on WW-4399: Github user aleksandr-m commented on the pull request: https://github.com/apache/struts/pull/24#issuecomment-68294819 @lukaszlenart Looking at the source code changes from this PR are implemented, but this request is not merged. How that happened? Anyway closing it now. > struts2-archetype-angularjs uses absolute paths > --- > > Key: WW-4399 > URL: https://issues.apache.org/jira/browse/WW-4399 > Project: Struts 2 > Issue Type: Bug >Affects Versions: 2.3.16.3 >Reporter: Aleksandr Mashchenko >Assignee: Johannes Geppert >Priority: Minor > Labels: angularjs, archetype, patch > Fix For: 2.3.20 > > > Application created with struts2-archetype-angularjs will fail when it is > deployed not in the root context -- This message was sent by Atlassian JIRA (v6.3.4#6332)
[jira] [Commented] (WW-4399) struts2-archetype-angularjs uses absolute paths
[ https://issues.apache.org/jira/browse/WW-4399?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14260393#comment-14260393 ] ASF GitHub Bot commented on WW-4399: Github user lukaszlenart commented on the pull request: https://github.com/apache/struts/pull/24#issuecomment-68297311 Thanks! I will write down `how to merge PRs` guide for committers :) > struts2-archetype-angularjs uses absolute paths > --- > > Key: WW-4399 > URL: https://issues.apache.org/jira/browse/WW-4399 > Project: Struts 2 > Issue Type: Bug >Affects Versions: 2.3.16.3 >Reporter: Aleksandr Mashchenko >Assignee: Johannes Geppert >Priority: Minor > Labels: angularjs, archetype, patch > Fix For: 2.3.20 > > > Application created with struts2-archetype-angularjs will fail when it is > deployed not in the root context -- This message was sent by Atlassian JIRA (v6.3.4#6332)
[jira] [Commented] (WW-4458) NPE in SecurityMemberAccess checking for default java package
[ https://issues.apache.org/jira/browse/WW-4458?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14305951#comment-14305951 ] ASF GitHub Bot commented on WW-4458: GitHub user aleksandr-m opened a pull request: https://github.com/apache/struts/pull/34 WW-4458 - Handle default (unnamed) package security check You can merge this pull request into a Git repository by running: $ git pull https://github.com/aleksandr-m/struts feature/WW-4458 Alternatively you can review and apply these changes as the patch at: https://github.com/apache/struts/pull/34.patch To close this pull request, make a commit to your master/trunk branch with (at least) the following in the commit message: This closes #34 commit 76ea79f38a5e9efbebdf9e7a966795e2deb5bc9f Author: Aleksandr Mashchenko Date: 2015-02-04T20:57:55Z Handle default (unnamed) package security check > NPE in SecurityMemberAccess checking for default java package > - > > Key: WW-4458 > URL: https://issues.apache.org/jira/browse/WW-4458 > Project: Struts 2 > Issue Type: Bug >Reporter: Aleksandr Mashchenko >Priority: Minor > Labels: patch > > [StackOverflow question|http://stackoverflow.com/q/28287981/1700321] -- This message was sent by Atlassian JIRA (v6.3.4#6332)
[jira] [Commented] (WW-4458) NPE in SecurityMemberAccess checking for default java package
[ https://issues.apache.org/jira/browse/WW-4458?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14306741#comment-14306741 ] ASF GitHub Bot commented on WW-4458: Github user asfgit closed the pull request at: https://github.com/apache/struts/pull/34 > NPE in SecurityMemberAccess checking for default java package > - > > Key: WW-4458 > URL: https://issues.apache.org/jira/browse/WW-4458 > Project: Struts 2 > Issue Type: Bug > Components: Value Stack >Affects Versions: 2.3.20 >Reporter: Aleksandr Mashchenko >Priority: Minor > Labels: patch > Fix For: 2.3.22 > > > [StackOverflow question|http://stackoverflow.com/q/28287981/1700321] -- This message was sent by Atlassian JIRA (v6.3.4#6332)
[jira] [Commented] (WW-4427) Converters no longer applied to values coming from the context
[ https://issues.apache.org/jira/browse/WW-4427?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14321898#comment-14321898 ] ASF GitHub Bot commented on WW-4427: GitHub user pbruski opened a pull request: https://github.com/apache/struts/pull/36 WW-4427 - Converters are no longer applied to values coming from the context on error path The previous fix was incomplete. You can merge this pull request into a Git repository by running: $ git pull https://github.com/pbruski/struts develop Alternatively you can review and apply these changes as the patch at: https://github.com/apache/struts/pull/36.patch To close this pull request, make a commit to your master/trunk branch with (at least) the following in the commit message: This closes #36 commit e0d72397c24542a8b83a371a36590570ccd8fd74 Author: Przemek Bruski Date: 2015-02-15T09:40:13Z WW-4427 - Converters are no longer applied to values coming from the context on error path > Converters no longer applied to values coming from the context > -- > > Key: WW-4427 > URL: https://issues.apache.org/jira/browse/WW-4427 > Project: Struts 2 > Issue Type: Bug >Affects Versions: 2.3.16.1 >Reporter: Przemek Bruski >Assignee: Lukasz Lenart > Fix For: 2.3.22 > > Attachments: struts_patch.diff > > > As a side effect of 4c45a9433bae5fe3fcad5acd95e4f437e548d075 , conversion is > no longer applied to values coming directly from OGNL context. -- This message was sent by Atlassian JIRA (v6.3.4#6332)
[jira] [Commented] (WW-4427) Converters no longer applied to values coming from the context
[ https://issues.apache.org/jira/browse/WW-4427?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14323741#comment-14323741 ] ASF GitHub Bot commented on WW-4427: Github user asfgit closed the pull request at: https://github.com/apache/struts/pull/36 > Converters no longer applied to values coming from the context > -- > > Key: WW-4427 > URL: https://issues.apache.org/jira/browse/WW-4427 > Project: Struts 2 > Issue Type: Bug >Affects Versions: 2.3.16.1 >Reporter: Przemek Bruski >Assignee: Lukasz Lenart > Fix For: 2.3.22 > > Attachments: struts_patch.diff > > > As a side effect of 4c45a9433bae5fe3fcad5acd95e4f437e548d075 , conversion is > no longer applied to values coming directly from OGNL context. -- This message was sent by Atlassian JIRA (v6.3.4#6332)
[jira] [Commented] (WW-3650) Double Value Conversion with requestLocale=de
[ https://issues.apache.org/jira/browse/WW-3650?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14554751#comment-14554751 ] ASF GitHub Bot commented on WW-3650: Github user asfgit closed the pull request at: https://github.com/apache/struts/pull/21 > Double Value Conversion with requestLocale=de > - > > Key: WW-3650 > URL: https://issues.apache.org/jira/browse/WW-3650 > Project: Struts 2 > Issue Type: Bug > Components: Core Interceptors, Plugin - Tags >Affects Versions: 2.2.3 > Environment: Tomcat 6/7, Windows 7 >Reporter: Tim Dellas >Assignee: Lukasz Lenart >Priority: Minor > Fix For: 2.5 > > Original Estimate: 4h > Remaining Estimate: 4h > > When using the german locale, s:textbox (and supposedly also other tags) > don't use localization for Double values. Effect: in a form that prints a > double value to a s:textfield with value="doubleVarName", the double value of > 1.0 is printed out while it should be 1,0 with german locale. If the same > form is sent to an action, the params interceptor interprets the 1.0 somehow > differently and stores 10.0 in the double field "doubleVarName". > I don't find another hack for me other than forcing english locale, which is > okay for my app but might not be okay for other developers. (My first > bugreport, hope it's fine) -- This message was sent by Atlassian JIRA (v6.3.4#6332)
[jira] [Commented] (WW-4404) Implement HttpInterceptor
[ https://issues.apache.org/jira/browse/WW-4404?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14554750#comment-14554750 ] ASF GitHub Bot commented on WW-4404: Github user asfgit closed the pull request at: https://github.com/apache/struts/pull/25 > Implement HttpInterceptor > - > > Key: WW-4404 > URL: https://issues.apache.org/jira/browse/WW-4404 > Project: Struts 2 > Issue Type: Improvement > Components: Core Interceptors >Affects Versions: 2.3.20 >Reporter: Lukasz Lenart >Priority: Minor > Fix For: 2.5 > > > Allows limit access to actions based on used Http method type > https://github.com/apache/struts/pull/25 -- This message was sent by Atlassian JIRA (v6.3.4#6332)
[jira] [Commented] (WW-4355) Replace deprecated HTML attributes with CSS
[ https://issues.apache.org/jira/browse/WW-4355?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14554752#comment-14554752 ] ASF GitHub Bot commented on WW-4355: Github user asfgit closed the pull request at: https://github.com/apache/struts/pull/14 > Replace deprecated HTML attributes with CSS > --- > > Key: WW-4355 > URL: https://issues.apache.org/jira/browse/WW-4355 > Project: Struts 2 > Issue Type: Improvement > Components: Plugin - Tags >Affects Versions: 2.3.16.3 >Reporter: Aleksandr Mashchenko > Labels: patch > Fix For: 2.5 > > > Change HTML5 deprecated attributes to CSS in templates. -- This message was sent by Atlassian JIRA (v6.3.4#6332)
[jira] [Commented] (WW-4355) Replace deprecated HTML attributes with CSS
[ https://issues.apache.org/jira/browse/WW-4355?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14554762#comment-14554762 ] ASF GitHub Bot commented on WW-4355: Github user lukaszlenart commented on the pull request: https://github.com/apache/struts/pull/14#issuecomment-104374079 Please re-open this PR against `master` branch > Replace deprecated HTML attributes with CSS > --- > > Key: WW-4355 > URL: https://issues.apache.org/jira/browse/WW-4355 > Project: Struts 2 > Issue Type: Improvement > Components: Plugin - Tags >Affects Versions: 2.3.16.3 >Reporter: Aleksandr Mashchenko > Labels: patch > Fix For: 2.5 > > > Change HTML5 deprecated attributes to CSS in templates. -- This message was sent by Atlassian JIRA (v6.3.4#6332)
[jira] [Commented] (WW-4502) File listing for dtd-s
[ https://issues.apache.org/jira/browse/WW-4502?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14554918#comment-14554918 ] ASF GitHub Bot commented on WW-4502: GitHub user aleksandr-m opened a pull request: https://github.com/apache/struts-site/pull/2 WW-4502 - File listing for dtd-s You can merge this pull request into a Git repository by running: $ git pull https://github.com/aleksandr-m/struts-site WW-4502 Alternatively you can review and apply these changes as the patch at: https://github.com/apache/struts-site/pull/2.patch To close this pull request, make a commit to your master/trunk branch with (at least) the following in the commit message: This closes #2 commit f5ad648e7b21709ecb20431669724a7e28292fee Author: Aleksandr Mashchenko Date: 2015-05-21T19:25:53Z Create .htaccess > File listing for dtd-s > -- > > Key: WW-4502 > URL: https://issues.apache.org/jira/browse/WW-4502 > Project: Struts 2 > Issue Type: Improvement > Components: Documentation >Reporter: Aleksandr Mashchenko >Priority: Minor > Labels: documentation > Fix For: 2.5 > > > Can we have a file listing enabled on server for > http://struts.apache.org/dtds/ catalog. -- This message was sent by Atlassian JIRA (v6.3.4#6332)
[jira] [Commented] (WW-4503) Build Struts with JDK 7
[ https://issues.apache.org/jira/browse/WW-4503?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14556213#comment-14556213 ] ASF GitHub Bot commented on WW-4503: GitHub user swiftelan opened a pull request: https://github.com/apache/struts/pull/39 WW-4503 Build Struts with JDK 7 You can merge this pull request into a Git repository by running: $ git pull https://github.com/swiftelan/struts master Alternatively you can review and apply these changes as the patch at: https://github.com/apache/struts/pull/39.patch To close this pull request, make a commit to your master/trunk branch with (at least) the following in the commit message: This closes #39 commit e262854e2a1b7548efa0a1eb50d350ecd215231b Author: Aaron Johnson Date: 2015-05-22T14:28:08Z WW-4503 Build Struts with JDK 7 > Build Struts with JDK 7 > --- > > Key: WW-4503 > URL: https://issues.apache.org/jira/browse/WW-4503 > Project: Struts 2 > Issue Type: New Feature > Components: Build Management >Reporter: Aaron Johnson > Fix For: 2.5 > > > Switch to JDK 7 to take advantage of new syntax such as try-with-resources. -- This message was sent by Atlassian JIRA (v6.3.4#6332)
[jira] [Commented] (WW-4502) File listing for dtd-s
[ https://issues.apache.org/jira/browse/WW-4502?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14558386#comment-14558386 ] ASF GitHub Bot commented on WW-4502: Github user aleksandr-m closed the pull request at: https://github.com/apache/struts-site/pull/2 > File listing for dtd-s > -- > > Key: WW-4502 > URL: https://issues.apache.org/jira/browse/WW-4502 > Project: Struts 2 > Issue Type: Improvement > Components: Documentation >Reporter: Aleksandr Mashchenko >Assignee: Lukasz Lenart >Priority: Minor > Labels: documentation > Fix For: 2.5 > > > Can we have a file listing enabled on server for > http://struts.apache.org/dtds/ catalog. -- This message was sent by Atlassian JIRA (v6.3.4#6332)
[jira] [Commented] (WW-4503) Build Struts with JDK 7
[ https://issues.apache.org/jira/browse/WW-4503?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14559324#comment-14559324 ] ASF GitHub Bot commented on WW-4503: Github user lukaszlenart commented on a diff in the pull request: https://github.com/apache/struts/pull/39#discussion_r31052042 --- Diff: pom.xml --- @@ -352,7 +353,7 @@ org.apache.struts struts-annotations -1.0.5 +1.0.6-SNAPSHOT --- End diff -- Do we need this? I thought after dropping APT we can drop this as well > Build Struts with JDK 7 > --- > > Key: WW-4503 > URL: https://issues.apache.org/jira/browse/WW-4503 > Project: Struts 2 > Issue Type: New Feature > Components: Build Management >Reporter: Aaron Johnson > Fix For: 2.5 > > > Switch to JDK 7 to take advantage of new syntax such as try-with-resources. -- This message was sent by Atlassian JIRA (v6.3.4#6332)
[jira] [Commented] (WW-4503) Build Struts with JDK 7
[ https://issues.apache.org/jira/browse/WW-4503?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14559326#comment-14559326 ] ASF GitHub Bot commented on WW-4503: Github user lukaszlenart commented on the pull request: https://github.com/apache/struts/pull/39#issuecomment-105588791 It's better to use two dedicated PRs where each addresses just one issue. > Build Struts with JDK 7 > --- > > Key: WW-4503 > URL: https://issues.apache.org/jira/browse/WW-4503 > Project: Struts 2 > Issue Type: New Feature > Components: Build Management >Reporter: Aaron Johnson > Fix For: 2.5 > > > Switch to JDK 7 to take advantage of new syntax such as try-with-resources. -- This message was sent by Atlassian JIRA (v6.3.4#6332)
[jira] [Commented] (WW-4503) Build Struts with JDK 7
[ https://issues.apache.org/jira/browse/WW-4503?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14559337#comment-14559337 ] ASF GitHub Bot commented on WW-4503: Github user lukaszlenart commented on a diff in the pull request: https://github.com/apache/struts/pull/39#discussion_r31053051 --- Diff: pom.xml --- @@ -352,7 +353,7 @@ org.apache.struts struts-annotations -1.0.5 +1.0.6-SNAPSHOT --- End diff -- Now I get it, we must first update struts-annotations project, release it and then we can use it here > Build Struts with JDK 7 > --- > > Key: WW-4503 > URL: https://issues.apache.org/jira/browse/WW-4503 > Project: Struts 2 > Issue Type: New Feature > Components: Build Management >Reporter: Aaron Johnson > Fix For: 2.5 > > > Switch to JDK 7 to take advantage of new syntax such as try-with-resources. -- This message was sent by Atlassian JIRA (v6.3.4#6332)
[jira] [Commented] (WW-4503) Build Struts with JDK 7
[ https://issues.apache.org/jira/browse/WW-4503?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14559354#comment-14559354 ] ASF GitHub Bot commented on WW-4503: Github user lukaszlenart commented on the pull request: https://github.com/apache/struts/pull/39#issuecomment-105598273 This PRs mixed fixes for two different things :( > Build Struts with JDK 7 > --- > > Key: WW-4503 > URL: https://issues.apache.org/jira/browse/WW-4503 > Project: Struts 2 > Issue Type: New Feature > Components: Build Management >Reporter: Aaron Johnson > Fix For: 2.5 > > > Switch to JDK 7 to take advantage of new syntax such as try-with-resources. -- This message was sent by Atlassian JIRA (v6.3.4#6332)
[jira] [Commented] (WW-4503) Build Struts with JDK 7
[ https://issues.apache.org/jira/browse/WW-4503?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14559518#comment-14559518 ] ASF GitHub Bot commented on WW-4503: Github user swiftelan commented on the pull request: https://github.com/apache/struts/pull/39#issuecomment-105621794 I understand. I merged changes from the GitHub mirror to my fork. I didn't know that it would update the existing pull request, that was not my intention. > Build Struts with JDK 7 > --- > > Key: WW-4503 > URL: https://issues.apache.org/jira/browse/WW-4503 > Project: Struts 2 > Issue Type: New Feature > Components: Build Management >Reporter: Aaron Johnson > Fix For: 2.5 > > > Switch to JDK 7 to take advantage of new syntax such as try-with-resources. -- This message was sent by Atlassian JIRA (v6.3.4#6332)
[jira] [Commented] (WW-4503) Build Struts with JDK 7
[ https://issues.apache.org/jira/browse/WW-4503?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14559520#comment-14559520 ] ASF GitHub Bot commented on WW-4503: Github user swiftelan closed the pull request at: https://github.com/apache/struts/pull/39 > Build Struts with JDK 7 > --- > > Key: WW-4503 > URL: https://issues.apache.org/jira/browse/WW-4503 > Project: Struts 2 > Issue Type: New Feature > Components: Build Management >Reporter: Aaron Johnson > Fix For: 2.5 > > > Switch to JDK 7 to take advantage of new syntax such as try-with-resources. -- This message was sent by Atlassian JIRA (v6.3.4#6332)
[jira] [Commented] (WW-4503) Build Struts with JDK 7
[ https://issues.apache.org/jira/browse/WW-4503?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14560807#comment-14560807 ] ASF GitHub Bot commented on WW-4503: Github user lukaszlenart commented on the pull request: https://github.com/apache/struts/pull/39#issuecomment-105879836 Yeah... each change must be in separated branch and every commit to that branch will be automatically exposed as a part of PR. That's how it works :) > Build Struts with JDK 7 > --- > > Key: WW-4503 > URL: https://issues.apache.org/jira/browse/WW-4503 > Project: Struts 2 > Issue Type: New Feature > Components: Build Management >Reporter: Aaron Johnson > Fix For: 2.5 > > > Switch to JDK 7 to take advantage of new syntax such as try-with-resources. -- This message was sent by Atlassian JIRA (v6.3.4#6332)
[jira] [Commented] (WW-4503) Build Struts with JDK 7
[ https://issues.apache.org/jira/browse/WW-4503?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14560814#comment-14560814 ] ASF GitHub Bot commented on WW-4503: Github user lukaszlenart commented on the pull request: https://github.com/apache/struts/pull/39#issuecomment-105880104 Are you going to open a new PR to introduce JDK7? If not I can do it directly based on your changes - it's an easy fix :) > Build Struts with JDK 7 > --- > > Key: WW-4503 > URL: https://issues.apache.org/jira/browse/WW-4503 > Project: Struts 2 > Issue Type: New Feature > Components: Build Management >Reporter: Aaron Johnson > Fix For: 2.5 > > > Switch to JDK 7 to take advantage of new syntax such as try-with-resources. -- This message was sent by Atlassian JIRA (v6.3.4#6332)
[jira] [Commented] (WW-4503) Build Struts with JDK 7
[ https://issues.apache.org/jira/browse/WW-4503?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=1456#comment-1456 ] ASF GitHub Bot commented on WW-4503: Github user swiftelan commented on the pull request: https://github.com/apache/struts/pull/39#issuecomment-105947844 Moving to Java 7 requires the new annotation parser or the removal of the maven-apt-plugin. The annotation parser [job](https://builds.apache.org/view/S-Z/view/Struts/job/struts-annotations/) is disabled. Using a snapshot version of the annotation processor will fail the build. It might be easier for you to coordinate changes to both repositories. > Build Struts with JDK 7 > --- > > Key: WW-4503 > URL: https://issues.apache.org/jira/browse/WW-4503 > Project: Struts 2 > Issue Type: New Feature > Components: Build Management >Reporter: Aaron Johnson > Fix For: 2.5 > > > Switch to JDK 7 to take advantage of new syntax such as try-with-resources. -- This message was sent by Atlassian JIRA (v6.3.4#6332)
[jira] [Commented] (WW-4503) Build Struts with JDK 7
[ https://issues.apache.org/jira/browse/WW-4503?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14561304#comment-14561304 ] ASF GitHub Bot commented on WW-4503: Github user lukaszlenart commented on the pull request: https://github.com/apache/struts/pull/39#issuecomment-106001352 Ok, I will handle this based on your work, thanks! It will take some time as releasing new version of struts-annotations requires a vote > Build Struts with JDK 7 > --- > > Key: WW-4503 > URL: https://issues.apache.org/jira/browse/WW-4503 > Project: Struts 2 > Issue Type: New Feature > Components: Build Management >Reporter: Aaron Johnson > Fix For: 2.5 > > > Switch to JDK 7 to take advantage of new syntax such as try-with-resources. -- This message was sent by Atlassian JIRA (v6.3.4#6332)
[jira] [Commented] (WW-4499) s:radio and s:checkbox tag doesn't accept "readonly" attribute
[ https://issues.apache.org/jira/browse/WW-4499?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14566061#comment-14566061 ] ASF GitHub Bot commented on WW-4499: GitHub user aleksandr-m opened a pull request: https://github.com/apache/struts/pull/41 WW-4499 - Removed readonly attribute from radio, checkbox and checkboxlist tags. Readonly attribute is ignored in radio and checkbox inputs. You can merge this pull request into a Git repository by running: $ git pull https://github.com/aleksandr-m/struts feature/WW-4499 Alternatively you can review and apply these changes as the patch at: https://github.com/apache/struts/pull/41.patch To close this pull request, make a commit to your master/trunk branch with (at least) the following in the commit message: This closes #41 commit d587a687a85edb771d8d6421e45f7e699f116a94 Author: Aleksandr Mashchenko Date: 2015-05-30T15:35:25Z WW-4499 - Removed readonly attribute from radio, checkbox and checkboxlist tags. > s:radio and s:checkbox tag doesn't accept "readonly" attribute > -- > > Key: WW-4499 > URL: https://issues.apache.org/jira/browse/WW-4499 > Project: Struts 2 > Issue Type: Bug > Components: Plugin - Tags >Affects Versions: 2.3.20 > Environment: Struts-2.3.20 > Tomcat 7.0.47 > JDK 1.8.0 (Windows x64) >Reporter: Iwasa Kazmi > > and tag in JSP doesn't accept "readonly" attribute. > On Tomcat, org.apache.jasper.JasperException is thrown and it says unable to > find the setter method. > In org.apache.struts2.components package, 5 classes have setReadonly() method. > Checkbox > CheckboxList > Radio > TextArea > TextField > In org.apache.struts2.views.jsp.ui package, only two classes have > setReadonly() method. > TextareaTag > TextFieldTag > RadioTag class, CheckboxTag class, and CheckboxListTag class need > setReadonly() method ? > According to the struts-tags.tld and tag reference on the web site, these > three tags should accept "readonly" attribute. > If "readonly" attribute is not supported on these tags, struts-tags.tld and > reference pages should be corrected. -- This message was sent by Atlassian JIRA (v6.3.4#6332)
[jira] [Commented] (WW-4499) s:radio and s:checkbox tag doesn't accept "readonly" attribute
[ https://issues.apache.org/jira/browse/WW-4499?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14576788#comment-14576788 ] ASF GitHub Bot commented on WW-4499: Github user asfgit closed the pull request at: https://github.com/apache/struts/pull/41 > s:radio and s:checkbox tag doesn't accept "readonly" attribute > -- > > Key: WW-4499 > URL: https://issues.apache.org/jira/browse/WW-4499 > Project: Struts 2 > Issue Type: Bug > Components: Plugin - Tags >Affects Versions: 2.3.20 > Environment: Struts-2.3.20 > Tomcat 7.0.47 > JDK 1.8.0 (Windows x64) >Reporter: Iwasa Kazmi > > and tag in JSP doesn't accept "readonly" attribute. > On Tomcat, org.apache.jasper.JasperException is thrown and it says unable to > find the setter method. > In org.apache.struts2.components package, 5 classes have setReadonly() method. > Checkbox > CheckboxList > Radio > TextArea > TextField > In org.apache.struts2.views.jsp.ui package, only two classes have > setReadonly() method. > TextareaTag > TextFieldTag > RadioTag class, CheckboxTag class, and CheckboxListTag class need > setReadonly() method ? > According to the struts-tags.tld and tag reference on the web site, these > three tags should accept "readonly" attribute. > If "readonly" attribute is not supported on these tags, struts-tags.tld and > reference pages should be corrected. -- This message was sent by Atlassian JIRA (v6.3.4#6332)
[jira] [Commented] (WW-4515) Convert try blocks to try-with-resources
[ https://issues.apache.org/jira/browse/WW-4515?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14589901#comment-14589901 ] ASF GitHub Bot commented on WW-4515: GitHub user swiftelan opened a pull request: https://github.com/apache/struts/pull/42 WW-4515 Convert try blocks to try-with-resources You can merge this pull request into a Git repository by running: $ git pull https://github.com/swiftelan/struts feature/WW-4515 Alternatively you can review and apply these changes as the patch at: https://github.com/apache/struts/pull/42.patch To close this pull request, make a commit to your master/trunk branch with (at least) the following in the commit message: This closes #42 commit e262854e2a1b7548efa0a1eb50d350ecd215231b Author: Aaron Johnson Date: 2015-05-22T14:28:08Z WW-4503 Build Struts with JDK 7 commit 0ad77d403ec83646f5a11d2147bc3fca694ecfe6 Author: Aaron Johnson Date: 2015-05-26T14:35:04Z Merge branch 'master' of github.com:apache/struts commit 08fad71aafb1215438d65f817412a04b3584f5bb Author: Aaron Johnson Date: 2015-05-26T14:36:33Z WW-4402 JDK 8: build fails due to missing apt tool commit b922d5aad1c91510d7a77443b8e21078fb7bab3a Author: Aaron Johnson Date: 2015-05-26T20:41:20Z Merge branch 'master' of github.com:apache/struts commit 6c9ca6201c2f7f4f4fbac28fad844bcd1e4d62ef Author: Aaron Johnson Date: 2015-05-29T15:42:12Z Merge branch 'master' of github.com:apache/struts # By Johannes Geppert (9) and others # Via Johannes Geppert (3) and Lukasz Lenart (1) * 'master' of github.com:apache/struts: Refactor showcase and migrate to bootstrap 3 WW-4505 Add plugin to support bean validation Drops version of maven-compiler-plugin as this breaks build WW-4503 Sitches to JDK7 WW-4505 Add plugin to support bean validation WW-4505 Add plugin to support bean validation WW-4505 Add plugin to support bean validation Create README.md Add test cases for ModelDriven action, standard actions and FieldMatch validator WW-4504 - Mark current logging layer as @deprecated and use Log4j2 as default one Fix missing import of LoggerFactory WW-4505 Add plugin to support bean validation WW-4505 Add plugin to support bean validation commit ebf4b170c0515fcc094c698c0d19dabf08ad935f Author: Aaron Johnson Date: 2015-06-16T19:24:38Z Merge branch 'master' of github.com:apache/struts # By Johannes Geppert (16) and others # Via Johannes Geppert (2) and others * 'master' of github.com:apache/struts: (27 commits) Switch to latest commons-collections, commons-io, commons-lang3 and commons-digester versions Minor code improvements's in the cdi, convention, jasperreports, junit, rest and sitemesh plugin Minor code improvements's in the xwork-core module Remove provider class generic to fix compile error which breaks the build adjusted h1 to match page title fixed display of last two fields using java.util.Date instead of java.sql.Date using ObjectFactory instead of Class.forName() small updates to logging WW-4513 Move mailreader app to struts2-examples WW-4512 Move struts2 jboss-blank app to struts2-examples WW-4511 Move struts2 blank app to struts2-examples added some more eclipse specific directories to .gitignore added testcase for action with method prefixed by 'do' fixed some typos in javadoc fixed some generics related warnings and did a little re-formatting added missing jquery file Minor code improvement's in the struts json plugin Minor code improvement's in the struts spring plugin Minor code improvements's in the struts core module ... commit bf15ad20b13da0ef81a3e30cf43c3999f13264c2 Author: Aaron Johnson Date: 2015-06-17T13:35:24Z Merge branch 'master' of github.com:apache/struts into feature/WW-4515 # By Johannes Geppert # Via Johannes Geppert * 'master' of github.com:apache/struts: Fiy typo in commons-digester artifact id commit 3fab155b4cc530ca3ca0b69299ddcb348eb5f26d Author: Aaron Johnson Date: 2015-06-17T14:24:08Z WW-4515 Convert try blocks to try-with-resources commit c71c3def74aae42ad205bd1ec839044c220b7ac0 Author: Aaron Johnson Date: 2015-06-17T14:32:57Z WW-4515 Convert try blocks to try-with-resources commit 0b19499ffd78f44a6dd8b767e9995c980efeb01f Author: Aaron Johnson Date: 2015-06-17T14:49:26Z WW-4515 Convert try blocks to try-with-resources commit 86da1ea8c2fec919bb3c94ceeb9c29f1acf04276 Author: Aaron Johnson Date: 2015-06-17T14:51:25Z WW-4515 Convert try blocks to try-with-resources > Convert try blocks to try-with-resources > > > Key: WW-4515 > URL: https:
[jira] [Commented] (WW-4515) Convert try blocks to try-with-resources
[ https://issues.apache.org/jira/browse/WW-4515?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14590225#comment-14590225 ] ASF GitHub Bot commented on WW-4515: Github user asfgit closed the pull request at: https://github.com/apache/struts/pull/42 > Convert try blocks to try-with-resources > > > Key: WW-4515 > URL: https://issues.apache.org/jira/browse/WW-4515 > Project: Struts 2 > Issue Type: Improvement >Reporter: Aaron Johnson >Priority: Minor > Fix For: 2.5.x > > > Convert finally blocks that manage closable resources to use JDK 7's > try-with-resources syntax. -- This message was sent by Atlassian JIRA (v6.3.4#6332)
[jira] [Commented] (WW-4516) BeanInfo caching does not work when using Hotswap/Rapid-development tools.
[ https://issues.apache.org/jira/browse/WW-4516?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14594717#comment-14594717 ] ASF GitHub Bot commented on WW-4516: GitHub user Naros opened a pull request: https://github.com/apache/struts/pull/43 WW-4516: Allow JSON plug-in to skip bean cache when devMode is enabled. Adds support for disabling bean cache on JSON plugin when devMode is enabled. You can merge this pull request into a Git repository by running: $ git pull https://github.com/Naros/struts master Alternatively you can review and apply these changes as the patch at: https://github.com/apache/struts/pull/43.patch To close this pull request, make a commit to your master/trunk branch with (at least) the following in the commit message: This closes #43 commit 30df43f1fa01ecbbc021d47cadb3cd759bdba8f9 Author: Naros Date: 2015-06-20T18:19:29Z WW-4516: Allow JSON plug-in to skip bean cache when devMode is enabled. > BeanInfo caching does not work when using Hotswap/Rapid-development tools. > -- > > Key: WW-4516 > URL: https://issues.apache.org/jira/browse/WW-4516 > Project: Struts 2 > Issue Type: Bug > Components: Plugin - JSON >Affects Versions: 2.3.24 >Reporter: Chris Cranford >Priority: Critical > Fix For: 2.5.x > > > WW-3902 added functionality to cache BeanInfo instances that were retrieved > by introspection to avoid application server locks. > The problem with this fix is that when using rapid-development or hotswap > tools like JRebel, changes to the JSON output is unaffected because the > plugin doesn't see bean changes due to it's internal cache. > It would probably be ideal that when struts.devMode is enabled, the plugin > bypasses the internal cache that it does to support development tools such as > JRebel and only use the caching mechanism non-development cases. -- This message was sent by Atlassian JIRA (v6.3.4#6332)
[jira] [Commented] (WW-4516) BeanInfo caching does not work when using Hotswap/Rapid-development tools.
[ https://issues.apache.org/jira/browse/WW-4516?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14595362#comment-14595362 ] ASF GitHub Bot commented on WW-4516: Github user lukaszlenart commented on a diff in the pull request: https://github.com/apache/struts/pull/43#discussion_r32905222 --- Diff: plugins/json/src/main/java/org/apache/struts2/json/JSONResult.java --- @@ -92,12 +96,18 @@ private String contentType; private String wrapPrefix; private String wrapSuffix; - +private boolean debugMode = false; --- End diff -- Please rename this to `devMode` > BeanInfo caching does not work when using Hotswap/Rapid-development tools. > -- > > Key: WW-4516 > URL: https://issues.apache.org/jira/browse/WW-4516 > Project: Struts 2 > Issue Type: Bug > Components: Plugin - JSON >Affects Versions: 2.3.24 >Reporter: Chris Cranford >Priority: Critical > Fix For: 2.5.x > > > WW-3902 added functionality to cache BeanInfo instances that were retrieved > by introspection to avoid application server locks. > The problem with this fix is that when using rapid-development or hotswap > tools like JRebel, changes to the JSON output is unaffected because the > plugin doesn't see bean changes due to it's internal cache. > It would probably be ideal that when struts.devMode is enabled, the plugin > bypasses the internal cache that it does to support development tools such as > JRebel and only use the caching mechanism non-development cases. -- This message was sent by Atlassian JIRA (v6.3.4#6332)
[jira] [Commented] (WW-4516) BeanInfo caching does not work when using Hotswap/Rapid-development tools.
[
https://issues.apache.org/jira/browse/WW-4516?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14595367#comment-14595367
]
ASF GitHub Bot commented on WW-4516:
Github user lukaszlenart commented on a diff in the pull request:
https://github.com/apache/struts/pull/43#discussion_r32905325
--- Diff: plugins/json/src/main/java/org/apache/struts2/json/JSONUtil.java
---
@@ -53,7 +68,22 @@
* @throws JSONException
*/
public static String serialize(Object object) throws JSONException {
--- End diff --
Is this method used somewhere else? If not, it's the perfect time to drop it
> BeanInfo caching does not work when using Hotswap/Rapid-development tools.
> --
>
> Key: WW-4516
> URL: https://issues.apache.org/jira/browse/WW-4516
> Project: Struts 2
> Issue Type: Bug
> Components: Plugin - JSON
>Affects Versions: 2.3.24
>Reporter: Chris Cranford
>Priority: Critical
> Fix For: 2.5.x
>
>
> WW-3902 added functionality to cache BeanInfo instances that were retrieved
> by introspection to avoid application server locks.
> The problem with this fix is that when using rapid-development or hotswap
> tools like JRebel, changes to the JSON output is unaffected because the
> plugin doesn't see bean changes due to it's internal cache.
> It would probably be ideal that when struts.devMode is enabled, the plugin
> bypasses the internal cache that it does to support development tools such as
> JRebel and only use the caching mechanism non-development cases.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
[jira] [Commented] (WW-4516) BeanInfo caching does not work when using Hotswap/Rapid-development tools.
[
https://issues.apache.org/jira/browse/WW-4516?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14595880#comment-14595880
]
ASF GitHub Bot commented on WW-4516:
Github user Naros commented on a diff in the pull request:
https://github.com/apache/struts/pull/43#discussion_r32930991
--- Diff: plugins/json/src/main/java/org/apache/struts2/json/JSONUtil.java
---
@@ -53,7 +68,22 @@
* @throws JSONException
*/
public static String serialize(Object object) throws JSONException {
--- End diff --
Not that I can see from just scanning my github fork. I'll double check
when I get home tonight and if not; I'll remove it.
> BeanInfo caching does not work when using Hotswap/Rapid-development tools.
> --
>
> Key: WW-4516
> URL: https://issues.apache.org/jira/browse/WW-4516
> Project: Struts 2
> Issue Type: Bug
> Components: Plugin - JSON
>Affects Versions: 2.3.24
>Reporter: Chris Cranford
>Priority: Critical
> Fix For: 2.5.x
>
>
> WW-3902 added functionality to cache BeanInfo instances that were retrieved
> by introspection to avoid application server locks.
> The problem with this fix is that when using rapid-development or hotswap
> tools like JRebel, changes to the JSON output is unaffected because the
> plugin doesn't see bean changes due to it's internal cache.
> It would probably be ideal that when struts.devMode is enabled, the plugin
> bypasses the internal cache that it does to support development tools such as
> JRebel and only use the caching mechanism non-development cases.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
[jira] [Commented] (WW-4516) BeanInfo caching does not work when using Hotswap/Rapid-development tools.
[
https://issues.apache.org/jira/browse/WW-4516?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14595946#comment-14595946
]
ASF GitHub Bot commented on WW-4516:
Github user Naros commented on a diff in the pull request:
https://github.com/apache/struts/pull/43#discussion_r32936125
--- Diff: plugins/json/src/main/java/org/apache/struts2/json/JSONUtil.java
---
@@ -53,7 +68,22 @@
* @throws JSONException
*/
public static String serialize(Object object) throws JSONException {
--- End diff --
It is currently used in the test cases
JSONResultTest - testJSONUtilNPEOnNullMethod()
JSONUtilTest = testSerializeDeserialize()
Thoughts?
> BeanInfo caching does not work when using Hotswap/Rapid-development tools.
> --
>
> Key: WW-4516
> URL: https://issues.apache.org/jira/browse/WW-4516
> Project: Struts 2
> Issue Type: Bug
> Components: Plugin - JSON
>Affects Versions: 2.3.24
>Reporter: Chris Cranford
>Priority: Critical
> Fix For: 2.5.x
>
>
> WW-3902 added functionality to cache BeanInfo instances that were retrieved
> by introspection to avoid application server locks.
> The problem with this fix is that when using rapid-development or hotswap
> tools like JRebel, changes to the JSON output is unaffected because the
> plugin doesn't see bean changes due to it's internal cache.
> It would probably be ideal that when struts.devMode is enabled, the plugin
> bypasses the internal cache that it does to support development tools such as
> JRebel and only use the caching mechanism non-development cases.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
[jira] [Commented] (WW-4516) BeanInfo caching does not work when using Hotswap/Rapid-development tools.
[
https://issues.apache.org/jira/browse/WW-4516?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14595957#comment-14595957
]
ASF GitHub Bot commented on WW-4516:
Github user lukaszlenart commented on a diff in the pull request:
https://github.com/apache/struts/pull/43#discussion_r32937264
--- Diff: plugins/json/src/main/java/org/apache/struts2/json/JSONUtil.java
---
@@ -53,7 +68,22 @@
* @throws JSONException
*/
public static String serialize(Object object) throws JSONException {
--- End diff --
Throw away and use the new version
> BeanInfo caching does not work when using Hotswap/Rapid-development tools.
> --
>
> Key: WW-4516
> URL: https://issues.apache.org/jira/browse/WW-4516
> Project: Struts 2
> Issue Type: Bug
> Components: Plugin - JSON
>Affects Versions: 2.3.24
>Reporter: Chris Cranford
>Priority: Critical
> Fix For: 2.5.x
>
>
> WW-3902 added functionality to cache BeanInfo instances that were retrieved
> by introspection to avoid application server locks.
> The problem with this fix is that when using rapid-development or hotswap
> tools like JRebel, changes to the JSON output is unaffected because the
> plugin doesn't see bean changes due to it's internal cache.
> It would probably be ideal that when struts.devMode is enabled, the plugin
> bypasses the internal cache that it does to support development tools such as
> JRebel and only use the caching mechanism non-development cases.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
[jira] [Commented] (WW-4516) BeanInfo caching does not work when using Hotswap/Rapid-development tools.
[ https://issues.apache.org/jira/browse/WW-4516?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14595976#comment-14595976 ] ASF GitHub Bot commented on WW-4516: Github user Naros commented on a diff in the pull request: https://github.com/apache/struts/pull/43#discussion_r32938705 --- Diff: plugins/json/src/main/java/org/apache/struts2/json/JSONResult.java --- @@ -92,12 +96,18 @@ private String contentType; private String wrapPrefix; private String wrapSuffix; - +private boolean debugMode = false; --- End diff -- Changed in latest commits per your request. > BeanInfo caching does not work when using Hotswap/Rapid-development tools. > -- > > Key: WW-4516 > URL: https://issues.apache.org/jira/browse/WW-4516 > Project: Struts 2 > Issue Type: Bug > Components: Plugin - JSON >Affects Versions: 2.3.24 >Reporter: Chris Cranford >Priority: Critical > Fix For: 2.5.x > > > WW-3902 added functionality to cache BeanInfo instances that were retrieved > by introspection to avoid application server locks. > The problem with this fix is that when using rapid-development or hotswap > tools like JRebel, changes to the JSON output is unaffected because the > plugin doesn't see bean changes due to it's internal cache. > It would probably be ideal that when struts.devMode is enabled, the plugin > bypasses the internal cache that it does to support development tools such as > JRebel and only use the caching mechanism non-development cases. -- This message was sent by Atlassian JIRA (v6.3.4#6332)
[jira] [Commented] (WW-4516) BeanInfo caching does not work when using Hotswap/Rapid-development tools.
[
https://issues.apache.org/jira/browse/WW-4516?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14595980#comment-14595980
]
ASF GitHub Bot commented on WW-4516:
Github user lukaszlenart commented on a diff in the pull request:
https://github.com/apache/struts/pull/43#discussion_r32939393
--- Diff:
plugins/json/src/main/java/org/apache/struts2/json/JSONResult.java ---
@@ -92,12 +96,18 @@
private String contentType;
private String wrapPrefix;
private String wrapSuffix;
-
+private boolean devMode = false;
+
@Inject(StrutsConstants.STRUTS_I18N_ENCODING)
public void setDefaultEncoding(String val) {
this.defaultEncoding = val;
}
-
+
+@Inject(StrutsConstants.STRUTS_DEVMODE)
+public void setDebugMode(String val) {
--- End diff --
Can you rename setter as well? Thanks!
> BeanInfo caching does not work when using Hotswap/Rapid-development tools.
> --
>
> Key: WW-4516
> URL: https://issues.apache.org/jira/browse/WW-4516
> Project: Struts 2
> Issue Type: Bug
> Components: Plugin - JSON
>Affects Versions: 2.3.24
>Reporter: Chris Cranford
>Priority: Critical
> Fix For: 2.5.x
>
>
> WW-3902 added functionality to cache BeanInfo instances that were retrieved
> by introspection to avoid application server locks.
> The problem with this fix is that when using rapid-development or hotswap
> tools like JRebel, changes to the JSON output is unaffected because the
> plugin doesn't see bean changes due to it's internal cache.
> It would probably be ideal that when struts.devMode is enabled, the plugin
> bypasses the internal cache that it does to support development tools such as
> JRebel and only use the caching mechanism non-development cases.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
[jira] [Commented] (WW-4516) BeanInfo caching does not work when using Hotswap/Rapid-development tools.
[ https://issues.apache.org/jira/browse/WW-4516?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14603487#comment-14603487 ] ASF GitHub Bot commented on WW-4516: Github user asfgit closed the pull request at: https://github.com/apache/struts/pull/43 > BeanInfo caching does not work when using Hotswap/Rapid-development tools. > -- > > Key: WW-4516 > URL: https://issues.apache.org/jira/browse/WW-4516 > Project: Struts 2 > Issue Type: Bug > Components: Plugin - JSON >Affects Versions: 2.3.24 >Reporter: Chris Cranford >Priority: Critical > Fix For: 2.5.x > > > WW-3902 added functionality to cache BeanInfo instances that were retrieved > by introspection to avoid application server locks. > The problem with this fix is that when using rapid-development or hotswap > tools like JRebel, changes to the JSON output is unaffected because the > plugin doesn't see bean changes due to it's internal cache. > It would probably be ideal that when struts.devMode is enabled, the plugin > bypasses the internal cache that it does to support development tools such as > JRebel and only use the caching mechanism non-development cases. -- This message was sent by Atlassian JIRA (v6.3.4#6332)
[jira] [Commented] (WW-4520) Add prefix for CSS classes
[ https://issues.apache.org/jira/browse/WW-4520?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14608570#comment-14608570 ] ASF GitHub Bot commented on WW-4520: GitHub user aleksandr-m opened a pull request: https://github.com/apache/struts/pull/44 WW-4520 - Add prefix for CSS classes. You can merge this pull request into a Git repository by running: $ git pull https://github.com/aleksandr-m/struts feature/css-class-prefix Alternatively you can review and apply these changes as the patch at: https://github.com/apache/struts/pull/44.patch To close this pull request, make a commit to your master/trunk branch with (at least) the following in the commit message: This closes #44 commit cc6bf9bf18d46309fa6c405bb90232888348c477 Author: Aleksandr Mashchenko Date: 2015-06-30T15:53:36Z Added prefix for css classes. > Add prefix for CSS classes > -- > > Key: WW-4520 > URL: https://issues.apache.org/jira/browse/WW-4520 > Project: Struts 2 > Issue Type: Improvement >Reporter: Aleksandr Mashchenko >Priority: Minor > Fix For: 2.5 > > > Add prefix for CSS classes used in Struts to minimize collisions with other > frameworks/user defined CSS classes. -- This message was sent by Atlassian JIRA (v6.3.4#6332)
[jira] [Commented] (WW-4523) Add more log statements to RolesInterceptor
[ https://issues.apache.org/jira/browse/WW-4523?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14622728#comment-14622728 ] ASF GitHub Bot commented on WW-4523: GitHub user aleksandr-m opened a pull request: https://github.com/apache/struts/pull/45 WW-4523 - Add more log statements to RolesInterceptor You can merge this pull request into a Git repository by running: $ git pull https://github.com/aleksandr-m/struts feature/roles_interceptor_logs Alternatively you can review and apply these changes as the patch at: https://github.com/apache/struts/pull/45.patch To close this pull request, make a commit to your master/trunk branch with (at least) the following in the commit message: This closes #45 commit 72e8b109b5b1da013678b2910fb28e20a6c1db1a Author: Aleksandr Mashchenko Date: 2015-07-10T18:40:30Z WW-4523 - Add more log statements to RolesInterceptor > Add more log statements to RolesInterceptor > --- > > Key: WW-4523 > URL: https://issues.apache.org/jira/browse/WW-4523 > Project: Struts 2 > Issue Type: Improvement > Components: Core Interceptors >Reporter: Aleksandr Mashchenko >Priority: Trivial > Fix For: 2.5 > > -- This message was sent by Atlassian JIRA (v6.3.4#6332)
[jira] [Commented] (WW-4523) Add more log statements to RolesInterceptor
[ https://issues.apache.org/jira/browse/WW-4523?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14623368#comment-14623368 ] ASF GitHub Bot commented on WW-4523: Github user aleksandr-m commented on the pull request: https://github.com/apache/struts/pull/45#issuecomment-120607949 You're right. In that case there is no need for check. > Add more log statements to RolesInterceptor > --- > > Key: WW-4523 > URL: https://issues.apache.org/jira/browse/WW-4523 > Project: Struts 2 > Issue Type: Improvement > Components: Core Interceptors >Reporter: Aleksandr Mashchenko >Priority: Trivial > Fix For: 2.5 > > -- This message was sent by Atlassian JIRA (v6.3.4#6332)
[jira] [Commented] (WW-4523) Add more log statements to RolesInterceptor
[ https://issues.apache.org/jira/browse/WW-4523?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14623872#comment-14623872 ] ASF GitHub Bot commented on WW-4523: Github user jogep commented on the pull request: https://github.com/apache/struts/pull/45#issuecomment-120737377 PR is merged in master > Add more log statements to RolesInterceptor > --- > > Key: WW-4523 > URL: https://issues.apache.org/jira/browse/WW-4523 > Project: Struts 2 > Issue Type: Improvement > Components: Core Interceptors >Reporter: Aleksandr Mashchenko >Assignee: Johannes Geppert >Priority: Trivial > Fix For: 2.5 > > -- This message was sent by Atlassian JIRA (v6.3.4#6332)
[jira] [Commented] (WW-4523) Add more log statements to RolesInterceptor
[ https://issues.apache.org/jira/browse/WW-4523?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14624112#comment-14624112 ] ASF GitHub Bot commented on WW-4523: Github user lizhuangs commented on the pull request: https://github.com/apache/struts/pull/45#issuecomment-120781846 when I upgrade struts2.3.20 to struts2.3.24.tomcat not work. java.lang.IncompatibleClassChangeError: Implementing class at java.lang.ClassLoader.defineClass1(Native Method) at java.lang.ClassLoader.defineClassCond(ClassLoader.java:631) at java.lang.ClassLoader.defineClass(ClassLoader.java:615) at java.security.SecureClassLoader.defineClass(SecureClassLoader.java:141) at org.apache.catalina.loader.WebappClassLoader.findClassInternal(WebappClassLoader.java:2854) at org.apache.catalina.loader.WebappClassLoader.findClass(WebappClassLoader.java:1159) at org.apache.catalina.loader.WebappClassLoader.loadClass(WebappClassLoader.java:1647) at org.apache.catalina.loader.WebappClassLoader.loadClass(WebappClassLoader.java:1526) at java.lang.ClassLoader.defineClass1(Native Method) at java.lang.ClassLoader.defineClassCond(ClassLoader.java:631) at java.lang.ClassLoader.defineClass(ClassLoader.java:615) at java.security.SecureClassLoader.defineClass(SecureClassLoader.java:141) at org.apache.catalina.loader.WebappClassLoader.findClassInternal(WebappClassLoader.java:2854) at org.apache.catalina.loader.WebappClassLoader.findClass(WebappClassLoader.java:1159) at org.apache.catalina.loader.WebappClassLoader.loadClass(WebappClassLoader.java:1647) at org.apache.catalina.loader.WebappClassLoader.loadClass(WebappClassLoader.java:1526) at org.apache.struts2.convention.PackageBasedActionConfigBuilder.buildClassFinder(PackageBasedActionConfigBuilder.java:416) at org.apache.struts2.convention.PackageBasedActionConfigBuilder.findActions(PackageBasedActionConfigBuilder.java:397) at org.apache.struts2.convention.PackageBasedActionConfigBuilder.buildActionConfigs(PackageBasedActionConfigBuilder.java:354) at org.apache.struts2.convention.ClasspathPackageProvider.loadPackages(ClasspathPackageProvider.java:53) at com.opensymphony.xwork2.config.impl.DefaultConfiguration.reloadContainer(DefaultConfiguration.java:274) at com.opensymphony.xwork2.config.ConfigurationManager.getConfiguration(ConfigurationManager.java:67) at org.apache.struts2.dispatcher.Dispatcher.getContainer(Dispatcher.java:967) at org.apache.struts2.dispatcher.Dispatcher.init_PreloadConfiguration(Dispatcher.java:435) at org.apache.struts2.dispatcher.Dispatcher.init(Dispatcher.java:479) at org.apache.struts2.dispatcher.ng.InitOperations.initDispatcher(InitOperations.java:74) at org.apache.struts2.dispatcher.ng.filter.StrutsPrepareAndExecuteFilter.init(StrutsPrepareAndExecuteFilter.java:57) > Add more log statements to RolesInterceptor > --- > > Key: WW-4523 > URL: https://issues.apache.org/jira/browse/WW-4523 > Project: Struts 2 > Issue Type: Improvement > Components: Core Interceptors >Reporter: Aleksandr Mashchenko >Assignee: Johannes Geppert >Priority: Trivial > Fix For: 2.5 > > -- This message was sent by Atlassian JIRA (v6.3.4#6332)
[jira] [Commented] (WW-4527) Show property class in debug tag
[ https://issues.apache.org/jira/browse/WW-4527?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14626913#comment-14626913 ] ASF GitHub Bot commented on WW-4527: GitHub user aleksandr-m opened a pull request: https://github.com/apache/struts/pull/46 WW-4527 - Show property class in debug tag You can merge this pull request into a Git repository by running: $ git pull https://github.com/aleksandr-m/struts feature/debug_tag_class Alternatively you can review and apply these changes as the patch at: https://github.com/apache/struts/pull/46.patch To close this pull request, make a commit to your master/trunk branch with (at least) the following in the commit message: This closes #46 commit f85c60ea477530872f7b0ab2d16f16a375cd4ab2 Author: Aleksandr Mashchenko Date: 2015-07-14T19:24:08Z WW-4527 - Show property class in debug tag > Show property class in debug tag > > > Key: WW-4527 > URL: https://issues.apache.org/jira/browse/WW-4527 > Project: Struts 2 > Issue Type: Improvement >Reporter: Aleksandr Mashchenko >Priority: Trivial > Fix For: 2.5 > > -- This message was sent by Atlassian JIRA (v6.3.4#6332)
[jira] [Commented] (WW-4527) Show property class in debug tag
[ https://issues.apache.org/jira/browse/WW-4527?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14627598#comment-14627598 ] ASF GitHub Bot commented on WW-4527: Github user asfgit closed the pull request at: https://github.com/apache/struts/pull/46 > Show property class in debug tag > > > Key: WW-4527 > URL: https://issues.apache.org/jira/browse/WW-4527 > Project: Struts 2 > Issue Type: Improvement >Reporter: Aleksandr Mashchenko >Priority: Trivial > Fix For: 2.5 > > -- This message was sent by Atlassian JIRA (v6.3.4#6332)
[jira] [Commented] (WW-4523) Add more log statements to RolesInterceptor
[ https://issues.apache.org/jira/browse/WW-4523?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14633965#comment-14633965 ] ASF GitHub Bot commented on WW-4523: Github user aleksandr-m closed the pull request at: https://github.com/apache/struts/pull/45 > Add more log statements to RolesInterceptor > --- > > Key: WW-4523 > URL: https://issues.apache.org/jira/browse/WW-4523 > Project: Struts 2 > Issue Type: Improvement > Components: Core Interceptors >Reporter: Aleksandr Mashchenko >Assignee: Johannes Geppert >Priority: Trivial > Fix For: 2.5 > > -- This message was sent by Atlassian JIRA (v6.3.4#6332)
[jira] [Commented] (WW-4540) Enable Strict DMI be default
[
https://issues.apache.org/jira/browse/WW-4540?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14724851#comment-14724851
]
ASF GitHub Bot commented on WW-4540:
GitHub user lukaszlenart opened a pull request:
https://github.com/apache/struts/pull/47
WW-4540: Strict DMI
This PR enables `Strict DMI` be default (or rather it's always enabled).
Thus will limit possible methods which can be called and executed as an action
methods.
Right now you can configure `global-allowed-methods` and `allowed-methods`
via `struts.xml` only but I'm going to add support for annotations as well.
To use the new functionality you must update DTD definition to `2.5`
You can merge this pull request into a Git repository by running:
$ git pull https://github.com/lukaszlenart/struts strict-dmi
Alternatively you can review and apply these changes as the patch at:
https://github.com/apache/struts/pull/47.patch
To close this pull request, make a commit to your master/trunk branch
with (at least) the following in the commit message:
This closes #47
commit 065b5b79ae068ab7891a4232a0769290fd21bb17
Author: Lukasz Lenart
Date: 2015-08-31T12:31:59Z
Drops wildcard as a valid action method
commit ce884e92a15ef601b0e119963d3c521fa68d8bb1
Author: Lukasz Lenart
Date: 2015-08-31T12:33:31Z
Defines global-allowed-methods
commit fd22e3a16c88ef0528c1e26e0d6bdfdf1c02c755
Author: Lukasz Lenart
Date: 2015-08-31T12:35:16Z
Uses global-allowed-methods config para
commit 55b8070048cbec0a6e08b1781f81b1bfdb3354f2
Author: Lukasz Lenart
Date: 2015-08-31T12:41:57Z
Drops strict DMI
commit fb0c4a58507c7fb1af135bb376af5b475f43d7ee
Author: Lukasz Lenart
Date: 2015-08-31T12:42:44Z
Drops outdated attribute
commit 4565993463f660e9be90b9fe9c3597ce54b58917
Author: Lukasz Lenart
Date: 2015-08-31T12:43:21Z
Extends Unknown Handler to allowed check if method is allowed
commit c3f4457b8b8ad6bd0e89646d825f2ef5f9f91118
Author: Lukasz Lenart
Date: 2015-08-31T12:43:31Z
Fixes tests
commit c1928ad06bdfbe245b1ed7d5bfeb07ed9bface37
Author: Lukasz Lenart
Date: 2015-08-31T16:36:04Z
Fixes tests
commit 3b31c428856766389ad6df4ba1edc3d60ecf5e24
Author: Lukasz Lenart
Date: 2015-08-31T16:36:29Z
Adds support for wildcards
commit 185530464b838b3aac9681b5ff5b16401ccef56d
Author: Lukasz Lenart
Date: 2015-08-31T16:36:41Z
Simplifies implementation
commit 47a01eab10d940fdc134cb666d3d2db0280d8ca8
Author: Lukasz Lenart
Date: 2015-08-31T18:28:45Z
Fixes typo
commit 63bb6e30e75facf5382608857494cf971f0378dd
Author: Lukasz Lenart
Date: 2015-08-31T19:06:06Z
Adds missing comma
commit 4c7a7dd6c02457cf006318ed4621b7c432cc478c
Author: Lukasz Lenart
Date: 2015-08-31T19:46:16Z
Adds null-safety
commit 77691563b9b8d2ad01c078a66d1ed207bf3611b3
Author: Lukasz Lenart
Date: 2015-08-31T19:46:47Z
Implements required method
commit dd406fbb04e755c0545c318c3ea099674fb78363
Author: Lukasz Lenart
Date: 2015-08-31T19:46:55Z
Fixes test
> Enable Strict DMI be default
>
>
> Key: WW-4540
> URL: https://issues.apache.org/jira/browse/WW-4540
> Project: Struts 2
> Issue Type: Improvement
> Components: Core Actions
>Reporter: Lukasz Lenart
>Assignee: Lukasz Lenart
> Fix For: 2.5
>
>
> Struts 2 already support {{Strict DMI}} but it's disabled by default.
> {{Strict DMI}} should be always enable to allow access only specific methods.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
[jira] [Commented] (WW-4544) Improve ContainUtil for uniform comparison
[ https://issues.apache.org/jira/browse/WW-4544?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14736625#comment-14736625 ] ASF GitHub Bot commented on WW-4544: Github user quaff commented on the pull request: https://github.com/apache/struts/pull/48#issuecomment-138866897 You are so quick, I create WW-4544 just now. > Improve ContainUtil for uniform comparison > -- > > Key: WW-4544 > URL: https://issues.apache.org/jira/browse/WW-4544 > Project: Struts 2 > Issue Type: Improvement >Reporter: zhouyanming > > https://github.com/apache/struts/pull/48 -- This message was sent by Atlassian JIRA (v6.3.4#6332)
[jira] [Commented] (WW-4539) Handling array of tokens in token session interceptor to prevent CSRF attack in an async-request app
[ https://issues.apache.org/jira/browse/WW-4539?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14739623#comment-14739623 ] ASF GitHub Bot commented on WW-4539: GitHub user yasserzamani opened a pull request: https://github.com/apache/struts/pull/49 WW-4539 Support list of tokens to prevent CSRF attack in async requests Nowadays, modern web applications use JQuery, and so, they can send multiple async requests in parallel to the web server. Struts has a great token mechanism which one of it's use cases is preventing from CSRF attack, but it's not usable or hard to use when the user application has multiple valid submission from one jsp using JQuery. This pull request contains all changes needed to enable Struts to handle this, transparently (i.e. these changes do not break current user application which uses previous token mechanism). Also, this is protected from DOS attack by supplying a maximum for count of concurrent valid requests. I hope you enjoy it. Thanks! You can merge this pull request into a Git repository by running: $ git pull https://github.com/yasserzamani/struts master Alternatively you can review and apply these changes as the patch at: https://github.com/apache/struts/pull/49.patch To close this pull request, make a commit to your master/trunk branch with (at least) the following in the commit message: This closes #49 commit 5335d68de6a0ab3543e56f1650d7aaa7e8a40d3f Author: Yasser Zamani Date: 2015-09-10T20:59:17Z WW-4539 Support list of tokens to prevent CSRF attack in async requests > Handling array of tokens in token session interceptor to prevent CSRF attack > in an async-request app > > > Key: WW-4539 > URL: https://issues.apache.org/jira/browse/WW-4539 > Project: Struts 2 > Issue Type: Improvement > Components: Core Interceptors >Affects Versions: Future >Reporter: Yasser Zamani >Priority: Trivial > Labels: security > Fix For: 2.3.x > > > We have an application based on Struts2 which may call multiple async actions > via JQuery AJAX post or form post. To prevent this application from CSRF > attacks I'm going to write my own interceptor which is very similar to > Struts2 token session interceptor. But this one holds an array of valid > tokens instead of one token to enable user to have async multiple requests > with different valid token for each one. i.e. my own token TAG will generate > different tokens in each inclusion even in one JSP and thread. So, different > part of JSP can have their own async requests with valid tokens. Each token > will be removed from array when corresponded request has finished. > I decided to share my work to you for two reasons: > 1. Maybe you are interested too to have this feature in Struts core. > 2. To get your feedback if this solution works to prevent CSRF attacks. I > just copy from token session interceptor and current token tag in Struts core > but still I'm wory about thread safety of my work or any other issue. > Thanks in advance! -- This message was sent by Atlassian JIRA (v6.3.4#6332)
[jira] [Commented] (WW-4539) Handling array of tokens in token session interceptor to prevent CSRF attack in an async-request app
[ https://issues.apache.org/jira/browse/WW-4539?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14740260#comment-14740260 ] ASF GitHub Bot commented on WW-4539: Github user aleksandr-m commented on the pull request: https://github.com/apache/struts/pull/49#issuecomment-139461467 Do we really need a list of tokens? Currently if you use different names for tokens they all will be [stored into session](https://github.com/apache/struts/blob/master/core/src/main/java/org/apache/struts2/util/TokenHelper.java#L91). Does using token tag with a name solve you problem? > Handling array of tokens in token session interceptor to prevent CSRF attack > in an async-request app > > > Key: WW-4539 > URL: https://issues.apache.org/jira/browse/WW-4539 > Project: Struts 2 > Issue Type: Improvement > Components: Core Interceptors >Affects Versions: Future >Reporter: Yasser Zamani >Priority: Trivial > Labels: security > Fix For: 2.5 > > > We have an application based on Struts2 which may call multiple async actions > via JQuery AJAX post or form post. To prevent this application from CSRF > attacks I'm going to write my own interceptor which is very similar to > Struts2 token session interceptor. But this one holds an array of valid > tokens instead of one token to enable user to have async multiple requests > with different valid token for each one. i.e. my own token TAG will generate > different tokens in each inclusion even in one JSP and thread. So, different > part of JSP can have their own async requests with valid tokens. Each token > will be removed from array when corresponded request has finished. > I decided to share my work to you for two reasons: > 1. Maybe you are interested too to have this feature in Struts core. > 2. To get your feedback if this solution works to prevent CSRF attacks. I > just copy from token session interceptor and current token tag in Struts core > but still I'm wory about thread safety of my work or any other issue. > Thanks in advance! -- This message was sent by Atlassian JIRA (v6.3.4#6332)
[jira] [Commented] (WW-4539) Handling array of tokens in token session interceptor to prevent CSRF attack in an async-request app
[ https://issues.apache.org/jira/browse/WW-4539?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14740403#comment-14740403 ] ASF GitHub Bot commented on WW-4539: Github user yasserzamani closed the pull request at: https://github.com/apache/struts/pull/49 > Handling array of tokens in token session interceptor to prevent CSRF attack > in an async-request app > > > Key: WW-4539 > URL: https://issues.apache.org/jira/browse/WW-4539 > Project: Struts 2 > Issue Type: Improvement > Components: Core Interceptors >Affects Versions: Future >Reporter: Yasser Zamani >Priority: Trivial > Labels: security > Fix For: 2.5 > > > We have an application based on Struts2 which may call multiple async actions > via JQuery AJAX post or form post. To prevent this application from CSRF > attacks I'm going to write my own interceptor which is very similar to > Struts2 token session interceptor. But this one holds an array of valid > tokens instead of one token to enable user to have async multiple requests > with different valid token for each one. i.e. my own token TAG will generate > different tokens in each inclusion even in one JSP and thread. So, different > part of JSP can have their own async requests with valid tokens. Each token > will be removed from array when corresponded request has finished. > I decided to share my work to you for two reasons: > 1. Maybe you are interested too to have this feature in Struts core. > 2. To get your feedback if this solution works to prevent CSRF attacks. I > just copy from token session interceptor and current token tag in Struts core > but still I'm wory about thread safety of my work or any other issue. > Thanks in advance! -- This message was sent by Atlassian JIRA (v6.3.4#6332)
[jira] [Commented] (WW-4539) Handling array of tokens in token session interceptor to prevent CSRF attack in an async-request app
[ https://issues.apache.org/jira/browse/WW-4539?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14740405#comment-14740405 ] ASF GitHub Bot commented on WW-4539: Github user yasserzamani commented on the pull request: https://github.com/apache/struts/pull/49#issuecomment-139486524 @aleksandr-m is genius. Using token tag with different names in same JSP page handles this need perfectly. > Handling array of tokens in token session interceptor to prevent CSRF attack > in an async-request app > > > Key: WW-4539 > URL: https://issues.apache.org/jira/browse/WW-4539 > Project: Struts 2 > Issue Type: Improvement > Components: Core Interceptors >Affects Versions: Future >Reporter: Yasser Zamani >Priority: Trivial > Labels: security > Fix For: 2.5 > > > We have an application based on Struts2 which may call multiple async actions > via JQuery AJAX post or form post. To prevent this application from CSRF > attacks I'm going to write my own interceptor which is very similar to > Struts2 token session interceptor. But this one holds an array of valid > tokens instead of one token to enable user to have async multiple requests > with different valid token for each one. i.e. my own token TAG will generate > different tokens in each inclusion even in one JSP and thread. So, different > part of JSP can have their own async requests with valid tokens. Each token > will be removed from array when corresponded request has finished. > I decided to share my work to you for two reasons: > 1. Maybe you are interested too to have this feature in Struts core. > 2. To get your feedback if this solution works to prevent CSRF attacks. I > just copy from token session interceptor and current token tag in Struts core > but still I'm wory about thread safety of my work or any other issue. > Thanks in advance! -- This message was sent by Atlassian JIRA (v6.3.4#6332)
[jira] [Commented] (WW-4540) Enable Strict DMI be default
[
https://issues.apache.org/jira/browse/WW-4540?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14933784#comment-14933784
]
ASF GitHub Bot commented on WW-4540:
Github user asfgit closed the pull request at:
https://github.com/apache/struts/pull/47
> Enable Strict DMI be default
>
>
> Key: WW-4540
> URL: https://issues.apache.org/jira/browse/WW-4540
> Project: Struts 2
> Issue Type: Improvement
> Components: Core Actions
>Reporter: Lukasz Lenart
>Assignee: Lukasz Lenart
> Fix For: 2.5
>
>
> Struts 2 already supports {{Strict DMI}} but it's disabled by default.
> {{Strict DMI}} should be always enable to allow access only specific methods.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
[jira] [Commented] (WW-4550) HttpHeader Result documentation page is 100% unusable due to IndexOutOfBoundsException
[ https://issues.apache.org/jira/browse/WW-4550?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14935291#comment-14935291 ] ASF GitHub Bot commented on WW-4550: GitHub user andrea-ligios opened a pull request: https://github.com/apache/struts/pull/51 Correcting typos... https://issues.apache.org/jira/browse/WW-4550?focusedCommentId=14934912&page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel#comment-14934912 You can merge this pull request into a Git repository by running: $ git pull https://github.com/andrea-ligios/struts patch-1 Alternatively you can review and apply these changes as the patch at: https://github.com/apache/struts/pull/51.patch To close this pull request, make a commit to your master/trunk branch with (at least) the following in the commit message: This closes #51 commit 9638d7adaa9aaed3473e17c9291abdc3421a868a Author: Andrea Ligios Date: 2015-09-29T14:59:30Z Correcting typos... https://issues.apache.org/jira/browse/WW-4550?focusedCommentId=14934912&page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel#comment-14934912 > HttpHeader Result documentation page is 100% unusable due to > IndexOutOfBoundsException > -- > > Key: WW-4550 > URL: https://issues.apache.org/jira/browse/WW-4550 > Project: Struts 2 > Issue Type: Bug > Components: Documentation >Reporter: Andrea Ligios >Assignee: Lukasz Lenart >Priority: Minor > Fix For: 2.3.x > > > This page > https://struts.apache.org/docs/httpheader-result.html > gives the following error > > Error formatting macro: snippet: java.lang.IndexOutOfBoundsException: > > Index: 20, Size: 20 > in each section. -- This message was sent by Atlassian JIRA (v6.3.4#6332)
[jira] [Commented] (WW-4550) HttpHeader Result documentation page is 100% unusable due to IndexOutOfBoundsException
[ https://issues.apache.org/jira/browse/WW-4550?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14936546#comment-14936546 ] ASF GitHub Bot commented on WW-4550: Github user asfgit closed the pull request at: https://github.com/apache/struts/pull/51 > HttpHeader Result documentation page is 100% unusable due to > IndexOutOfBoundsException > -- > > Key: WW-4550 > URL: https://issues.apache.org/jira/browse/WW-4550 > Project: Struts 2 > Issue Type: Bug > Components: Documentation >Reporter: Andrea Ligios >Assignee: Lukasz Lenart >Priority: Minor > Fix For: 2.3.x > > > This page > https://struts.apache.org/docs/httpheader-result.html > gives the following error > > Error formatting macro: snippet: java.lang.IndexOutOfBoundsException: > > Index: 20, Size: 20 > in each section. -- This message was sent by Atlassian JIRA (v6.3.4#6332)
[jira] [Commented] (WW-4551) Allowing conversion of RFC3339 dates with date part only (yyyy-MM-dd) as per HTML5 and w3 standard for (and others).
[
https://issues.apache.org/jira/browse/WW-4551?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14948856#comment-14948856
]
ASF GitHub Bot commented on WW-4551:
Github user andrea-ligios commented on the pull request:
https://github.com/apache/struts/pull/52#issuecomment-146581055
@wolpi Thanky you! You could vote the
[JIRA](https://issues.apache.org/jira/browse/WW-4551) if interested :)
The tests are in this file:
https://github.com/andrea-ligios/struts/blob/d95fc63992f3892519d970b07052776e0401003a/core/src/test/java/com/opensymphony/xwork2/conversion/impl/XWorkConverterTest.java
The test could be added in the `testDateConversion()` method, the code
should be:
Date dateRfc3339 = (Date) converter.convertValue(context, null, null,
null, "2001-01-10", Date.class);
assertEquals(date, dateRfc3339);
Could you add it to that file ? I'm just new to the whole thing (Git,
GitHub, etc...). Thanks
> Allowing conversion of RFC3339 dates with date part only (-MM-dd) as per
> HTML5 and w3 standard for (and others).
> --
>
> Key: WW-4551
> URL: https://issues.apache.org/jira/browse/WW-4551
> Project: Struts 2
> Issue Type: Improvement
> Components: Core Actions
>Affects Versions: 2.3.24
>Reporter: Andrea Ligios
> Fix For: 2.3.x
>
>
> Facts:
> - {code:xml}{code} is the HTML5 standard for inputing
> dates. It works in many browsers: Chrome, Opera, almost every mobile browsers
> - where it is fundamental - and the coverage can only grow.
> - [w3 has chosen the RFC3339 *with date
> only*|http://www.w3.org/TR/html-markup/input.date.html#input.date.attrs.value]
> as *value format* {code}-MM-dd{code} while transparently handling the
> *display format* according to the Locale.
> This means that, for example, americans see {code}MM/dd/{code}, italians
> see {code}dd/MM/{code}, but both of them send {code}-MM-dd{code} to
> the server. *Without the time part*.
> - Struts Date Converter already works for:
> {code:title=DateConverter.java|borderStyle=solid}
> DateFormat dt1 = DateFormat.getDateTimeInstance(DateFormat.SHORT,
> DateFormat.LONG, locale);
> DateFormat dt2 = DateFormat.getDateTimeInstance(DateFormat.SHORT,
> DateFormat.MEDIUM, locale);
> DateFormat dt3 = DateFormat.getDateTimeInstance(DateFormat.SHORT,
> DateFormat.SHORT, locale);
> DateFormat d1 = DateFormat.getDateInstance(DateFormat.SHORT, locale);
> DateFormat d2 = DateFormat.getDateInstance(DateFormat.MEDIUM, locale);
> DateFormat d3 = DateFormat.getDateInstance(DateFormat.LONG, locale);
> DateFormat rfc3339 = new SimpleDateFormat("-MM-dd'T'HH:mm:ss");
> {code}
> with a final fallback to {code:java}DateFormat.SHORT{code} if nothing worked
> (in case of Time and Timestamps too).
> My idea is:
> can we add the support for *date-only RFC3339*, that is the one sent by the
> browser, *in addition* to the ones already there ? No existing code would
> break, and we'd have a standard, automatic conversion for a popular, growing
> *standard*.
> I can't see any cons. Can you ?
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
[jira] [Commented] (WW-4139) Validation of non-default methods not being executed
[ https://issues.apache.org/jira/browse/WW-4139?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14997607#comment-14997607 ] ASF GitHub Bot commented on WW-4139: GitHub user LukaszRacon opened a pull request: https://github.com/apache/struts/pull/57 Form.getValidators does not respect validateAnnotatedMethodOnly flag WW-4139 removed method name from getValidators call. While this works fine for a case mentioned in that ticket it fails to account for a case when dynamicMethodCalls and validateAnnotatedMethodOnly are used. Without method name actionValidatorManager.getValidators returns all validators defined for a given field. Expected behavior for dynamicMethodCalls with validateAnnotatedMethodOnly case is to return validators for a given field defined at the method level. You can merge this pull request into a Git repository by running: $ git pull https://github.com/LukaszRacon/struts form-validators Alternatively you can review and apply these changes as the patch at: https://github.com/apache/struts/pull/57.patch To close this pull request, make a commit to your master/trunk branch with (at least) the following in the commit message: This closes #57 commit ee562666abf01faf4dd73f65c9f4d77b079423d1 Author: Lukasz Racon Date: 2015-11-09T23:02:02Z Form.getValidators does not respect validateAnnotatedMethodOnly flag WW-4139 removed method name from getValidators call. While this works fine for a case mentioned in that ticket it fails to account for a case when dynamicMethodCalls and validateAnnotatedMethodOnly are used. Without method name actionValidatorManager.getValidators returns all validators defined for a given field. Expected behavior for dynamicMethodCalls with validateAnnotatedMethodOnly case is to return validators for a given field defined at the method level. > Validation of non-default methods not being executed > > > Key: WW-4139 > URL: https://issues.apache.org/jira/browse/WW-4139 > Project: Struts 2 > Issue Type: Bug >Affects Versions: 2.3.15 >Reporter: Bruno Klava >Assignee: Lukasz Lenart > Fix For: 2.3.16 > > > Code sample: https://github.com/bklava/struts > In the example, in the index action/page, there are 2 forms: the difference > is that the form 1 submits to the action without setting a method (then > calling the default execute() method), while the form 2 submits to the same > action but calling a specific method. > The validator is set annotating the field setter method, so it should be > available either to the default execute method and to the non-default method. > This is exactly the behaviour obtained when using Struts 2.3.14.3. > After switching to Struts 2.3.15, the form 2 validation is not executed at > all. > As far as I can tell, this difference is due to changes made in > org.apache.struts2.components.Form.getValidators(String name) -- This message was sent by Atlassian JIRA (v6.3.4#6332)
[jira] [Commented] (WW-4139) Validation of non-default methods not being executed
[ https://issues.apache.org/jira/browse/WW-4139?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15002129#comment-15002129 ] ASF GitHub Bot commented on WW-4139: Github user asfgit closed the pull request at: https://github.com/apache/struts/pull/57 > Validation of non-default methods not being executed > > > Key: WW-4139 > URL: https://issues.apache.org/jira/browse/WW-4139 > Project: Struts 2 > Issue Type: Bug >Affects Versions: 2.3.15 >Reporter: Bruno Klava >Assignee: Lukasz Lenart > Fix For: 2.3.16 > > > Code sample: https://github.com/bklava/struts > In the example, in the index action/page, there are 2 forms: the difference > is that the form 1 submits to the action without setting a method (then > calling the default execute() method), while the form 2 submits to the same > action but calling a specific method. > The validator is set annotating the field setter method, so it should be > available either to the default execute method and to the non-default method. > This is exactly the behaviour obtained when using Struts 2.3.14.3. > After switching to Struts 2.3.15, the form 2 validation is not executed at > all. > As far as I can tell, this difference is due to changes made in > org.apache.struts2.components.Form.getValidators(String name) -- This message was sent by Atlassian JIRA (v6.3.4#6332)
[jira] [Commented] (WW-4568) Upgrade Tiles 2 to latest available Tiles 2 version
[ https://issues.apache.org/jira/browse/WW-4568?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15027463#comment-15027463 ] ASF GitHub Bot commented on WW-4568: GitHub user lukaszlenart opened a pull request: https://github.com/apache/struts/pull/59 Upgrade tiles plugin Fixes WW-4568 This PR upgrades the Tiles Plugin and adjusts its API to be compatible with Tiles 2.2.2 - this allows introduce support for OGNL, EL, Wildcards and so on. You can merge this pull request into a Git repository by running: $ git pull https://github.com/lukaszlenart/struts upgrade-tiles-plugin Alternatively you can review and apply these changes as the patch at: https://github.com/apache/struts/pull/59.patch To close this pull request, make a commit to your master/trunk branch with (at least) the following in the commit message: This closes #59 commit 85b219813f982ad28059197c6ebcb0b099f7e4b3 Author: Lukasz Lenart Date: 2015-11-25T19:22:31Z Adds required dependencies commit 70716e945295526d207cab6c66306a3113f8a333 Author: Lukasz Lenart Date: 2015-11-25T19:29:18Z Re-implements tiles integration based on new API commit 24a5bce6c436ddaea9f65f792b280fdd6f9c4ae3 Author: Lukasz Lenart Date: 2015-11-25T19:29:24Z Drops unused classes commit 26f153d262f7a4dfb767c391afece8ac1d9e1c0d Author: Lukasz Lenart Date: 2015-11-25T19:29:43Z Replaces call to deprecated api commit 6edc0ff5e0410651f7055654116c3346aeaa4ee5 Author: Lukasz Lenart Date: 2015-11-25T19:37:42Z Updates Portal Tiles integration > Upgrade Tiles 2 to latest available Tiles 2 version > --- > > Key: WW-4568 > URL: https://issues.apache.org/jira/browse/WW-4568 > Project: Struts 2 > Issue Type: Improvement > Components: Plugin - Tiles >Affects Versions: 2.3.24 >Reporter: Lukasz Lenart > Fix For: 2.5 > > -- This message was sent by Atlassian JIRA (v6.3.4#6332)
[jira] [Commented] (WW-4568) Upgrade Tiles 2 to latest available Tiles 2 version
[ https://issues.apache.org/jira/browse/WW-4568?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15030539#comment-15030539 ] ASF GitHub Bot commented on WW-4568: GitHub user lukaszlenart opened a pull request: https://github.com/apache/struts/pull/60 Struts 2.3.x: Tiles plugin upgrade Fixes [WW-4568](https://issues.apache.org/jira/browse/WW-4568) This PR upgrades the Tiles Plugin and adjusts its API to be compatible with Tiles 2.2.2 - this allows introduce support for OGNL, EL, Wildcards and so on. You can merge this pull request into a Git repository by running: $ git pull https://github.com/lukaszlenart/struts tiles-plugin-upgrade-struts-2-3 Alternatively you can review and apply these changes as the patch at: https://github.com/apache/struts/pull/60.patch To close this pull request, make a commit to your master/trunk branch with (at least) the following in the commit message: This closes #60 commit 1dc545e34c19520c0ba780b43c53a28f5e3e9484 Author: Lukasz Lenart Date: 2015-11-25T19:22:31Z Adds required dependencies (cherry picked from commit 85b2198) commit 9862580bbee704cff63b917f3dfda62d21c1bad5 Author: Lukasz Lenart Date: 2015-11-25T19:29:18Z Re-implements tiles integration based on new API (cherry picked from commit 70716e9) commit efcea81b67d260835eff9c811efe20a816df7213 Author: Lukasz Lenart Date: 2015-11-25T19:29:24Z Drops unused classes (cherry picked from commit 24a5bce) commit 5d30eb1ad21d369a5e5e844363f3ec1e0e93d03a Author: Lukasz Lenart Date: 2015-11-25T19:29:43Z Replaces call to deprecated api (cherry picked from commit 26f153d) commit ddeb7f0f7cc2600ceb36b8532fc433861a38c20e Author: Lukasz Lenart Date: 2015-11-25T19:37:42Z Updates Portal Tiles integration (cherry picked from commit 6edc0ff) commit 913944b8eee6c5565cb665b5477953be9b85152a Author: Lukasz Lenart Date: 2015-11-25T19:54:39Z Adds missing header with license (cherry picked from commit 27ad6cb) commit f19e4be947c00511a91ea2d806c9c483694f7485 Author: Lukasz Lenart Date: 2015-11-27T12:36:52Z Registers Tiles model (cherry picked from commit 388861f) commit 27aa7e1e27546effcfc1e4214d231b4a31263fb5 Author: Lukasz Lenart Date: 2015-11-28T14:39:47Z Fixes dependency clash (cherry picked from commit 6622fab25bee1dae9085cca56b87711f3197916d) Conflicts: apps/showcase/pom.xml plugins/bean-validation/pom.xml > Upgrade Tiles 2 to latest available Tiles 2 version > --- > > Key: WW-4568 > URL: https://issues.apache.org/jira/browse/WW-4568 > Project: Struts 2 > Issue Type: Improvement > Components: Plugin - Tiles >Affects Versions: 2.3.24 >Reporter: Lukasz Lenart > Fix For: 2.3.25 > > -- This message was sent by Atlassian JIRA (v6.3.4#6332)
[jira] [Commented] (WW-4269) blank double results in NumberFormatException being thrown on sending JSON in request body
[ https://issues.apache.org/jira/browse/WW-4269?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15075919#comment-15075919 ] ASF GitHub Bot commented on WW-4269: GitHub user victorsosa opened a pull request: https://github.com/apache/struts/pull/61 fix for WW-4269 blank double results in NumberFormatException being thrown on sending JSON in request body You can merge this pull request into a Git repository by running: $ git pull https://github.com/victorsosa/struts master Alternatively you can review and apply these changes as the patch at: https://github.com/apache/struts/pull/61.patch To close this pull request, make a commit to your master/trunk branch with (at least) the following in the commit message: This closes #61 commit db483ccd153caa97137f00cb4ff2ebd35143d56e Author: Victor Sosa Date: 2015-12-30T17:36:58Z fix for WW-4269 blank double results in NumberFormatException being thrown on sending JSON in request body > blank double results in NumberFormatException being thrown on sending JSON in > request body > -- > > Key: WW-4269 > URL: https://issues.apache.org/jira/browse/WW-4269 > Project: Struts 2 > Issue Type: Bug > Components: Plugin - JSON >Affects Versions: 2.3.15 > Environment: windows 7 64-bit, jdk 7 & struts2.3.15 >Reporter: Nitin Surana >Priority: Blocker > Labels: easyfix > Fix For: 2.5 > > Attachments: ww-4269.patch > > > If the http request contains JSON in the body, which has any problem in > getting converted to an object, then it throws Exception calling the > global-exception-handler. Instead it should return INPUT as by the validate > interceptor, mentioning the field having the error in fieldErrors. -- This message was sent by Atlassian JIRA (v6.3.4#6332)
[jira] [Commented] (WW-4269) blank double results in NumberFormatException being thrown on sending JSON in request body
[ https://issues.apache.org/jira/browse/WW-4269?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15076133#comment-15076133 ] ASF GitHub Bot commented on WW-4269: Github user victorsosa commented on the pull request: https://github.com/apache/struts/pull/61#issuecomment-168245052 I included the ww-4576 and ww-4577 > blank double results in NumberFormatException being thrown on sending JSON in > request body > -- > > Key: WW-4269 > URL: https://issues.apache.org/jira/browse/WW-4269 > Project: Struts 2 > Issue Type: Bug > Components: Plugin - JSON >Affects Versions: 2.3.15 > Environment: windows 7 64-bit, jdk 7 & struts2.3.15 >Reporter: Nitin Surana >Priority: Blocker > Labels: easyfix > Fix For: 2.5 > > Attachments: ww-4269.patch > > > If the http request contains JSON in the body, which has any problem in > getting converted to an object, then it throws Exception calling the > global-exception-handler. Instead it should return INPUT as by the validate > interceptor, mentioning the field having the error in fieldErrors. -- This message was sent by Atlassian JIRA (v6.3.4#6332)
[jira] [Commented] (WW-4269) blank double results in NumberFormatException being thrown on sending JSON in request body
[
https://issues.apache.org/jira/browse/WW-4269?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15076533#comment-15076533
]
ASF GitHub Bot commented on WW-4269:
Github user lukaszlenart commented on a diff in the pull request:
https://github.com/apache/struts/pull/61#discussion_r48685153
--- Diff: core/pom.xml ---
@@ -240,6 +240,7 @@
ognl
ognl
+${ognl.version}
--- End diff --
It isn't needed, `version` is inherited from parent pom.
> blank double results in NumberFormatException being thrown on sending JSON in
> request body
> --
>
> Key: WW-4269
> URL: https://issues.apache.org/jira/browse/WW-4269
> Project: Struts 2
> Issue Type: Bug
> Components: Plugin - JSON
>Affects Versions: 2.3.15
> Environment: windows 7 64-bit, jdk 7 & struts2.3.15
>Reporter: Nitin Surana
>Priority: Blocker
> Labels: easyfix
> Fix For: 2.5
>
> Attachments: ww-4269.patch
>
>
> If the http request contains JSON in the body, which has any problem in
> getting converted to an object, then it throws Exception calling the
> global-exception-handler. Instead it should return INPUT as by the validate
> interceptor, mentioning the field having the error in fieldErrors.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
[jira] [Commented] (WW-4269) blank double results in NumberFormatException being thrown on sending JSON in request body
[
https://issues.apache.org/jira/browse/WW-4269?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15076535#comment-15076535
]
ASF GitHub Bot commented on WW-4269:
Github user victorsosa commented on a diff in the pull request:
https://github.com/apache/struts/pull/61#discussion_r48685182
--- Diff: core/pom.xml ---
@@ -240,6 +240,7 @@
ognl
ognl
+${ognl.version}
--- End diff --
Ok, I will remove it
> blank double results in NumberFormatException being thrown on sending JSON in
> request body
> --
>
> Key: WW-4269
> URL: https://issues.apache.org/jira/browse/WW-4269
> Project: Struts 2
> Issue Type: Bug
> Components: Plugin - JSON
>Affects Versions: 2.3.15
> Environment: windows 7 64-bit, jdk 7 & struts2.3.15
>Reporter: Nitin Surana
>Priority: Blocker
> Labels: easyfix
> Fix For: 2.5
>
> Attachments: ww-4269.patch
>
>
> If the http request contains JSON in the body, which has any problem in
> getting converted to an object, then it throws Exception calling the
> global-exception-handler. Instead it should return INPUT as by the validate
> interceptor, mentioning the field having the error in fieldErrors.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
[jira] [Commented] (WW-4269) blank double results in NumberFormatException being thrown on sending JSON in request body
[
https://issues.apache.org/jira/browse/WW-4269?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15076545#comment-15076545
]
ASF GitHub Bot commented on WW-4269:
Github user victorsosa commented on a diff in the pull request:
https://github.com/apache/struts/pull/61#discussion_r48685231
--- Diff: core/pom.xml ---
@@ -240,6 +240,7 @@
ognl
ognl
+${ognl.version}
--- End diff --
it is ready
> blank double results in NumberFormatException being thrown on sending JSON in
> request body
> --
>
> Key: WW-4269
> URL: https://issues.apache.org/jira/browse/WW-4269
> Project: Struts 2
> Issue Type: Bug
> Components: Plugin - JSON
>Affects Versions: 2.3.15
> Environment: windows 7 64-bit, jdk 7 & struts2.3.15
>Reporter: Nitin Surana
>Priority: Blocker
> Labels: easyfix
> Fix For: 2.5
>
> Attachments: ww-4269.patch
>
>
> If the http request contains JSON in the body, which has any problem in
> getting converted to an object, then it throws Exception calling the
> global-exception-handler. Instead it should return INPUT as by the validate
> interceptor, mentioning the field having the error in fieldErrors.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
[jira] [Commented] (WW-4269) blank double results in NumberFormatException being thrown on sending JSON in request body
[ https://issues.apache.org/jira/browse/WW-4269?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15076550#comment-15076550 ] ASF GitHub Bot commented on WW-4269: Github user asfgit closed the pull request at: https://github.com/apache/struts/pull/61 > blank double results in NumberFormatException being thrown on sending JSON in > request body > -- > > Key: WW-4269 > URL: https://issues.apache.org/jira/browse/WW-4269 > Project: Struts 2 > Issue Type: Bug > Components: Plugin - JSON >Affects Versions: 2.3.15 > Environment: windows 7 64-bit, jdk 7 & struts2.3.15 >Reporter: Nitin Surana >Priority: Blocker > Labels: easyfix > Fix For: 2.5 > > Attachments: ww-4269.patch > > > If the http request contains JSON in the body, which has any problem in > getting converted to an object, then it throws Exception calling the > global-exception-handler. Instead it should return INPUT as by the validate > interceptor, mentioning the field having the error in fieldErrors. -- This message was sent by Atlassian JIRA (v6.3.4#6332)
[jira] [Commented] (WW-4269) blank double results in NumberFormatException being thrown on sending JSON in request body
[ https://issues.apache.org/jira/browse/WW-4269?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15076558#comment-15076558 ] ASF GitHub Bot commented on WW-4269: Github user victorsosa commented on the pull request: https://github.com/apache/struts/pull/61#issuecomment-168402272 Glad to help, I will be committing more code > blank double results in NumberFormatException being thrown on sending JSON in > request body > -- > > Key: WW-4269 > URL: https://issues.apache.org/jira/browse/WW-4269 > Project: Struts 2 > Issue Type: Bug > Components: Plugin - JSON >Affects Versions: 2.3.15 > Environment: windows 7 64-bit, jdk 7 & struts2.3.15 >Reporter: Nitin Surana >Priority: Blocker > Labels: easyfix > Fix For: 2.5 > > Attachments: ww-4269.patch > > > If the http request contains JSON in the body, which has any problem in > getting converted to an object, then it throws Exception calling the > global-exception-handler. Instead it should return INPUT as by the validate > interceptor, mentioning the field having the error in fieldErrors. -- This message was sent by Atlassian JIRA (v6.3.4#6332)
[jira] [Commented] (WW-4269) blank double results in NumberFormatException being thrown on sending JSON in request body
[ https://issues.apache.org/jira/browse/WW-4269?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15076594#comment-15076594 ] ASF GitHub Bot commented on WW-4269: Github user lukaszlenart commented on the pull request: https://github.com/apache/struts/pull/61#issuecomment-168408251 Thanks! > blank double results in NumberFormatException being thrown on sending JSON in > request body > -- > > Key: WW-4269 > URL: https://issues.apache.org/jira/browse/WW-4269 > Project: Struts 2 > Issue Type: Bug > Components: Plugin - JSON >Affects Versions: 2.3.15 > Environment: windows 7 64-bit, jdk 7 & struts2.3.15 >Reporter: Nitin Surana >Priority: Blocker > Labels: easyfix > Fix For: 2.5 > > Attachments: ww-4269.patch > > > If the http request contains JSON in the body, which has any problem in > getting converted to an object, then it throws Exception calling the > global-exception-handler. Instead it should return INPUT as by the validate > interceptor, mentioning the field having the error in fieldErrors. -- This message was sent by Atlassian JIRA (v6.3.4#6332)
[jira] [Commented] (WW-4573) NPE/ concurrent modification exception
[
https://issues.apache.org/jira/browse/WW-4573?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15076639#comment-15076639
]
ASF GitHub Bot commented on WW-4573:
GitHub user victorsosa opened a pull request:
https://github.com/apache/struts/pull/63
fix for WW-4573
NPE/ concurrent modification exception
using a CopyOnWriteArrayList. This is to keep Memory consistency on the
ValueStack.
You can merge this pull request into a Git repository by running:
$ git pull https://github.com/victorsosa/struts patch
Alternatively you can review and apply these changes as the patch at:
https://github.com/apache/struts/pull/63.patch
To close this pull request, make a commit to your master/trunk branch
with (at least) the following in the commit message:
This closes #63
commit 1df5a75bfcc3c1093a2516f16258bbe96d5d8dcf
Author: Victor Sosa
Date: 2016-01-02T19:18:37Z
fix for WW-4573
NPE/ concurrent modification exception
using a CopyOnWriteArrayList. This is to keep Memory consistency on the
ValueStack.
> NPE/ concurrent modification exception
> --
>
> Key: WW-4573
> URL: https://issues.apache.org/jira/browse/WW-4573
> Project: Struts 2
> Issue Type: Bug
>Affects Versions: 2.3.24
>Reporter: adam brin
>Priority: Minor
> Fix For: 2.3.25
>
>
> Apologies for the lack of contextual information, it appears that there were
> no other errors logged that add context. But, we're seeing a few of these
> each day in our production exception logs. It looks like something may have
> changed in how the ValueStack has been referenced /called and thus is causing
> a concurrent modification exception.
> {code}
> ERROR 2015-11-29 09:21:43,987 389933021 [ajp-bio-8009-exec-6841 []]
> (CommonsLogger.java:42)
> com.opensymphony.xwork2.interceptor.ExceptionMappingInterceptor - null
> org.apache.struts2.StrutsException
> at org.apache.struts2.components.UIBean.end(UIBean.java:540)
> ~[struts2-core-2.3.24.1.jar:2.3.24.1]
> at
> org.apache.struts2.views.freemarker.tags.CallbackWriter.afterBody(CallbackWriter.java:84)
> ~[struts2-core-2.3.24.1.jar:2.3.24.1]
> at
> freemarker.core.Environment.visitAndTransform(Environment.java:427)
> ~[freemarker-2.3.23.jar:2.3.23]
> at freemarker.core.UnifiedCall.accept(UnifiedCall.java:107)
> ~[freemarker-2.3.23.jar:2.3.23]
> at freemarker.core.Environment.visit(Environment.java:324)
> ~[freemarker-2.3.23.jar:2.3.23]
> at freemarker.core.MixedContent.accept(MixedContent.java:54)
> ~[freemarker-2.3.23.jar:2.3.23]
> at
> freemarker.core.Environment.visitByHiddingParent(Environment.java:345)
> ~[freemarker-2.3.23.jar:2.3.23]
> at freemarker.core.IfBlock.accept(IfBlock.java:48)
> ~[freemarker-2.3.23.jar:2.3.23]
> at
> freemarker.core.Environment.visitByHiddingParent(Environment.java:345)
> ~[freemarker-2.3.23.jar:2.3.23]
> at freemarker.core.ConditionalBlock.accept(ConditionalBlock.java:48)
> ~[freemarker-2.3.23.jar:2.3.23]
> at freemarker.core.Environment.visit(Environment.java:324)
> ~[freemarker-2.3.23.jar:2.3.23]
> at freemarker.core.MixedContent.accept(MixedContent.java:54)
> ~[freemarker-2.3.23.jar:2.3.23]
> at freemarker.core.Environment.visit(Environment.java:324)
> ~[freemarker-2.3.23.jar:2.3.23]
> at freemarker.core.Macro$Context.runMacro(Macro.java:184)
> ~[freemarker-2.3.23.jar:2.3.23]
> at freemarker.core.Environment.invoke(Environment.java:701)
> ~[freemarker-2.3.23.jar:2.3.23]
> at freemarker.core.UnifiedCall.accept(UnifiedCall.java:84)
> ~[freemarker-2.3.23.jar:2.3.23]
> at
> freemarker.core.Environment.visitByHiddingParent(Environment.java:345)
> ~[freemarker-2.3.23.jar:2.3.23]
> at
> freemarker.core.IteratorBlock$IterationContext.executeNestedBlockInner(IteratorBlock.java:240)
> ~[freemarker-2.3.23.jar:2.3.23]
> at
> freemarker.core.IteratorBlock$IterationContext.executeNestedBlock(IteratorBlock.java:220)
> ~[freemarker-2.3.23.jar:2.3.23]
> at
> freemarker.core.IteratorBlock$IterationContext.accept(IteratorBlock.java:194)
> ~[freemarker-2.3.23.jar:2.3.23]
> at
> freemarker.core.Environment.visitIteratorBlock(Environment.java:572)
> ~[freemarker-2.3.23.jar:2.3.23]
> at
> freemarker.core.IteratorBlock.acceptWithResult(IteratorBlock.java:78)
> ~[freemarker-2.3.23.jar:2.3.23]
> at freemarker.core.IteratorBlock.accept(IteratorBlock.java:64)
> ~[freemarker-2.3.23.jar:2.3.23]
> at freemarker.core.Environment.visit(Environment.java:324)
> ~[freemarker-2.3.23.jar:2.3.23]
> at freemarker.core.MixedContent.accept(MixedContent.java:54)
> ~[freemarker-2.3.23.jar:2.3.23]
>
[jira] [Commented] (WW-3462) connection open after report generation
[
https://issues.apache.org/jira/browse/WW-3462?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15080404#comment-15080404
]
ASF GitHub Bot commented on WW-3462:
GitHub user victorsosa opened a pull request:
https://github.com/apache/struts/pull/64
Patch WW-3462 connection open after report generation
Now the connection is close after been used.
You can merge this pull request into a Git repository by running:
$ git pull https://github.com/victorsosa/struts master
Alternatively you can review and apply these changes as the patch at:
https://github.com/apache/struts/pull/64.patch
To close this pull request, make a commit to your master/trunk branch
with (at least) the following in the commit message:
This closes #64
commit 316b8a926e7bec85c83f69b2460a8b7d938d1686
Author: Victor Sosa
Date: 2016-01-03T11:34:00Z
Patch WW-3462
connection open after report generation
Now the connection is close after been used.
commit 38da3f67051bc557312adb234424becf533c5f95
Author: Victor Sosa
Date: 2016-01-03T11:36:34Z
Merge branch 'master' of g...@github.com:victorsosa/struts.git
> connection open after report generation
> ---
>
> Key: WW-3462
> URL: https://issues.apache.org/jira/browse/WW-3462
> Project: Struts 2
> Issue Type: Bug
> Components: Plugin - JasperReports
>Affects Versions: 2.1.8
> Environment: jdk1.5.0_16
>Reporter: Salva
> Fix For: 3.0
>
> Original Estimate: 20m
> Remaining Estimate: 20m
>
> If a report generation was called with connection like following code,
> database connection will not be closed. I suggest to modify doExecute method
> of org.apache.struts2.views.jasperreports.JasperReportsResult class after the
> exportReportToBytes, by adding, in case of conn not null, the conn closing.
> struts.xml
> ...
>
>
> /test/Report.jasper
> myConnection
> attachment
> PDF
>
>
>
> Action execute method code
> ...
> DataSource ds = (DataSource) ictx.lookup("java:jdbc/myApp");
> myConnection = ds.getConnection();
> ...
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
[jira] [Commented] (WW-4381) upgrade to jasperreports 6.0
[ https://issues.apache.org/jira/browse/WW-4381?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15081475#comment-15081475 ] ASF GitHub Bot commented on WW-4381: GitHub user victorsosa opened a pull request: https://github.com/apache/struts/pull/67 Patch WW-4381 upgrade to jasperreports 6.0 Also I accidentally revert the Patch WW-3462 so here is the fix again You can merge this pull request into a Git repository by running: $ git pull https://github.com/victorsosa/struts jasperreports6.0 Alternatively you can review and apply these changes as the patch at: https://github.com/apache/struts/pull/67.patch To close this pull request, make a commit to your master/trunk branch with (at least) the following in the commit message: This closes #67 commit 316b8a926e7bec85c83f69b2460a8b7d938d1686 Author: Victor Sosa Date: 2016-01-03T11:34:00Z Patch WW-3462 connection open after report generation Now the connection is close after been used. commit 38da3f67051bc557312adb234424becf533c5f95 Author: Victor Sosa Date: 2016-01-03T11:36:34Z Merge branch 'master' of g...@github.com:victorsosa/struts.git commit 0e25d596e3da2ac52f5317e7417d353844e8 Author: Victor Sosa Date: 2016-01-03T12:05:03Z A proper way to close the db connection commit e42954219a5a57d8ad7685f7ae9ffbf44367c81d Author: Victor Sosa Date: 2016-01-04T17:50:41Z Patch WW-4381 upgrade to jasperreports 6.0 to 6.0.3 > upgrade to jasperreports 6.0 > > > Key: WW-4381 > URL: https://issues.apache.org/jira/browse/WW-4381 > Project: Struts 2 > Issue Type: Improvement > Components: Plugin - JasperReports >Reporter: zhouyanming > Fix For: 2.5 > > > JasperReportsResult.java is not compatible with jasperreports 6.0 -- This message was sent by Atlassian JIRA (v6.3.4#6332)
[jira] [Commented] (WW-4573) NPE/ concurrent modification exception
[
https://issues.apache.org/jira/browse/WW-4573?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15081593#comment-15081593
]
ASF GitHub Bot commented on WW-4573:
Github user asfgit closed the pull request at:
https://github.com/apache/struts/pull/63
> NPE/ concurrent modification exception
> --
>
> Key: WW-4573
> URL: https://issues.apache.org/jira/browse/WW-4573
> Project: Struts 2
> Issue Type: Bug
>Affects Versions: 2.3.24
>Reporter: adam brin
>Priority: Minor
> Fix For: 2.3.25, 2.5
>
>
> Apologies for the lack of contextual information, it appears that there were
> no other errors logged that add context. But, we're seeing a few of these
> each day in our production exception logs. It looks like something may have
> changed in how the ValueStack has been referenced /called and thus is causing
> a concurrent modification exception.
> {code}
> ERROR 2015-11-29 09:21:43,987 389933021 [ajp-bio-8009-exec-6841 []]
> (CommonsLogger.java:42)
> com.opensymphony.xwork2.interceptor.ExceptionMappingInterceptor - null
> org.apache.struts2.StrutsException
> at org.apache.struts2.components.UIBean.end(UIBean.java:540)
> ~[struts2-core-2.3.24.1.jar:2.3.24.1]
> at
> org.apache.struts2.views.freemarker.tags.CallbackWriter.afterBody(CallbackWriter.java:84)
> ~[struts2-core-2.3.24.1.jar:2.3.24.1]
> at
> freemarker.core.Environment.visitAndTransform(Environment.java:427)
> ~[freemarker-2.3.23.jar:2.3.23]
> at freemarker.core.UnifiedCall.accept(UnifiedCall.java:107)
> ~[freemarker-2.3.23.jar:2.3.23]
> at freemarker.core.Environment.visit(Environment.java:324)
> ~[freemarker-2.3.23.jar:2.3.23]
> at freemarker.core.MixedContent.accept(MixedContent.java:54)
> ~[freemarker-2.3.23.jar:2.3.23]
> at
> freemarker.core.Environment.visitByHiddingParent(Environment.java:345)
> ~[freemarker-2.3.23.jar:2.3.23]
> at freemarker.core.IfBlock.accept(IfBlock.java:48)
> ~[freemarker-2.3.23.jar:2.3.23]
> at
> freemarker.core.Environment.visitByHiddingParent(Environment.java:345)
> ~[freemarker-2.3.23.jar:2.3.23]
> at freemarker.core.ConditionalBlock.accept(ConditionalBlock.java:48)
> ~[freemarker-2.3.23.jar:2.3.23]
> at freemarker.core.Environment.visit(Environment.java:324)
> ~[freemarker-2.3.23.jar:2.3.23]
> at freemarker.core.MixedContent.accept(MixedContent.java:54)
> ~[freemarker-2.3.23.jar:2.3.23]
> at freemarker.core.Environment.visit(Environment.java:324)
> ~[freemarker-2.3.23.jar:2.3.23]
> at freemarker.core.Macro$Context.runMacro(Macro.java:184)
> ~[freemarker-2.3.23.jar:2.3.23]
> at freemarker.core.Environment.invoke(Environment.java:701)
> ~[freemarker-2.3.23.jar:2.3.23]
> at freemarker.core.UnifiedCall.accept(UnifiedCall.java:84)
> ~[freemarker-2.3.23.jar:2.3.23]
> at
> freemarker.core.Environment.visitByHiddingParent(Environment.java:345)
> ~[freemarker-2.3.23.jar:2.3.23]
> at
> freemarker.core.IteratorBlock$IterationContext.executeNestedBlockInner(IteratorBlock.java:240)
> ~[freemarker-2.3.23.jar:2.3.23]
> at
> freemarker.core.IteratorBlock$IterationContext.executeNestedBlock(IteratorBlock.java:220)
> ~[freemarker-2.3.23.jar:2.3.23]
> at
> freemarker.core.IteratorBlock$IterationContext.accept(IteratorBlock.java:194)
> ~[freemarker-2.3.23.jar:2.3.23]
> at
> freemarker.core.Environment.visitIteratorBlock(Environment.java:572)
> ~[freemarker-2.3.23.jar:2.3.23]
> at
> freemarker.core.IteratorBlock.acceptWithResult(IteratorBlock.java:78)
> ~[freemarker-2.3.23.jar:2.3.23]
> at freemarker.core.IteratorBlock.accept(IteratorBlock.java:64)
> ~[freemarker-2.3.23.jar:2.3.23]
> at freemarker.core.Environment.visit(Environment.java:324)
> ~[freemarker-2.3.23.jar:2.3.23]
> at freemarker.core.MixedContent.accept(MixedContent.java:54)
> ~[freemarker-2.3.23.jar:2.3.23]
> at freemarker.core.Environment.visit(Environment.java:324)
> ~[freemarker-2.3.23.jar:2.3.23]
> at freemarker.core.EscapeBlock.accept(EscapeBlock.java:48)
> ~[freemarker-2.3.23.jar:2.3.23]
> at freemarker.core.Environment.visit(Environment.java:324)
> ~[freemarker-2.3.23.jar:2.3.23]
> at freemarker.core.MixedContent.accept(MixedContent.java:54)
> ~[freemarker-2.3.23.jar:2.3.23]
> at freemarker.core.Environment.visit(Environment.java:324)
> ~[freemarker-2.3.23.jar:2.3.23]
> at freemarker.core.Environment.process(Environment.java:302)
> ~[freemarker-2.3.23.jar:2.3.23]
> at freemarker.template.Template.process(Template.java:325)
> ~[freemarker-2.3.23.jar:2.3.23]
> at
> org.apache.struts2.views.freemarker.FreemarkerResult.doExecute(FreemarkerResult.java:223)
>
[jira] [Commented] (WW-3462) connection open after report generation
[
https://issues.apache.org/jira/browse/WW-3462?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15081613#comment-15081613
]
ASF GitHub Bot commented on WW-3462:
Github user asfgit closed the pull request at:
https://github.com/apache/struts/pull/64
> connection open after report generation
> ---
>
> Key: WW-3462
> URL: https://issues.apache.org/jira/browse/WW-3462
> Project: Struts 2
> Issue Type: Bug
> Components: Plugin - JasperReports
>Affects Versions: 2.1.8
> Environment: jdk1.5.0_16
>Reporter: Salva
> Fix For: 2.3.25, 2.5
>
> Original Estimate: 20m
> Remaining Estimate: 20m
>
> If a report generation was called with connection like following code,
> database connection will not be closed. I suggest to modify doExecute method
> of org.apache.struts2.views.jasperreports.JasperReportsResult class after the
> exportReportToBytes, by adding, in case of conn not null, the conn closing.
> struts.xml
> ...
>
>
> /test/Report.jasper
> myConnection
> attachment
> PDF
>
>
>
> Action execute method code
> ...
> DataSource ds = (DataSource) ictx.lookup("java:jdbc/myApp");
> myConnection = ds.getConnection();
> ...
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
[jira] [Commented] (WW-3462) connection open after report generation
[
https://issues.apache.org/jira/browse/WW-3462?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15081616#comment-15081616
]
ASF GitHub Bot commented on WW-3462:
Github user victorsosa commented on the pull request:
https://github.com/apache/struts/pull/64#issuecomment-168775787
:+1:
> connection open after report generation
> ---
>
> Key: WW-3462
> URL: https://issues.apache.org/jira/browse/WW-3462
> Project: Struts 2
> Issue Type: Bug
> Components: Plugin - JasperReports
>Affects Versions: 2.1.8
> Environment: jdk1.5.0_16
>Reporter: Salva
> Fix For: 2.3.25, 2.5
>
> Original Estimate: 20m
> Remaining Estimate: 20m
>
> If a report generation was called with connection like following code,
> database connection will not be closed. I suggest to modify doExecute method
> of org.apache.struts2.views.jasperreports.JasperReportsResult class after the
> exportReportToBytes, by adding, in case of conn not null, the conn closing.
> struts.xml
> ...
>
>
> /test/Report.jasper
> myConnection
> attachment
> PDF
>
>
>
> Action execute method code
> ...
> DataSource ds = (DataSource) ictx.lookup("java:jdbc/myApp");
> myConnection = ds.getConnection();
> ...
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
[jira] [Commented] (WW-4568) Upgrade Tiles 2 to latest available Tiles 2 version
[ https://issues.apache.org/jira/browse/WW-4568?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15081631#comment-15081631 ] ASF GitHub Bot commented on WW-4568: Github user lukaszlenart closed the pull request at: https://github.com/apache/struts/pull/59 > Upgrade Tiles 2 to latest available Tiles 2 version > --- > > Key: WW-4568 > URL: https://issues.apache.org/jira/browse/WW-4568 > Project: Struts 2 > Issue Type: Improvement > Components: Plugin - Tiles >Affects Versions: 2.3.24 >Reporter: Lukasz Lenart > Fix For: 2.3.25 > > -- This message was sent by Atlassian JIRA (v6.3.4#6332)
[jira] [Commented] (WW-3945) Set default encoding for JSONResult to UTF-8
[ https://issues.apache.org/jira/browse/WW-3945?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15081635#comment-15081635 ] ASF GitHub Bot commented on WW-3945: Github user lukaszlenart commented on the pull request: https://github.com/apache/struts/pull/66#issuecomment-168777661 Conflicts :( > Set default encoding for JSONResult to UTF-8 > > > Key: WW-3945 > URL: https://issues.apache.org/jira/browse/WW-3945 > Project: Struts 2 > Issue Type: Bug >Affects Versions: 2.3.7 >Reporter: Lukasz Lenart >Priority: Minor > Fix For: 2.5 > > > Check WW-3863 for more details, but encoding param must be set to UTF-8 by > default -- This message was sent by Atlassian JIRA (v6.3.4#6332)
[jira] [Commented] (WW-3945) Set default encoding for JSONResult to UTF-8
[ https://issues.apache.org/jira/browse/WW-3945?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15081640#comment-15081640 ] ASF GitHub Bot commented on WW-3945: Github user victorsosa commented on the pull request: https://github.com/apache/struts/pull/66#issuecomment-168777910 Yea, My bad; Let me fix it > Set default encoding for JSONResult to UTF-8 > > > Key: WW-3945 > URL: https://issues.apache.org/jira/browse/WW-3945 > Project: Struts 2 > Issue Type: Bug >Affects Versions: 2.3.7 >Reporter: Lukasz Lenart >Priority: Minor > Fix For: 2.5 > > > Check WW-3863 for more details, but encoding param must be set to UTF-8 by > default -- This message was sent by Atlassian JIRA (v6.3.4#6332)
[jira] [Commented] (WW-3945) Set default encoding for JSONResult to UTF-8
[ https://issues.apache.org/jira/browse/WW-3945?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15081663#comment-15081663 ] ASF GitHub Bot commented on WW-3945: Github user victorsosa commented on the pull request: https://github.com/apache/struts/pull/66#issuecomment-168781813 Done, check Jenkins; it seems to be blocked > Set default encoding for JSONResult to UTF-8 > > > Key: WW-3945 > URL: https://issues.apache.org/jira/browse/WW-3945 > Project: Struts 2 > Issue Type: Bug >Affects Versions: 2.3.7 >Reporter: Lukasz Lenart >Priority: Minor > Fix For: 2.5 > > > Check WW-3863 for more details, but encoding param must be set to UTF-8 by > default -- This message was sent by Atlassian JIRA (v6.3.4#6332)
[jira] [Commented] (WW-3945) Set default encoding for JSONResult to UTF-8
[ https://issues.apache.org/jira/browse/WW-3945?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15081667#comment-15081667 ] ASF GitHub Bot commented on WW-3945: Github user lukaszlenart commented on the pull request: https://github.com/apache/struts/pull/66#issuecomment-168782251 Yes, there is few other builds in pipeline ;-) > Set default encoding for JSONResult to UTF-8 > > > Key: WW-3945 > URL: https://issues.apache.org/jira/browse/WW-3945 > Project: Struts 2 > Issue Type: Bug >Affects Versions: 2.3.7 >Reporter: Lukasz Lenart >Priority: Minor > Fix For: 2.5 > > > Check WW-3863 for more details, but encoding param must be set to UTF-8 by > default -- This message was sent by Atlassian JIRA (v6.3.4#6332)
[jira] [Commented] (WW-3945) Set default encoding for JSONResult to UTF-8
[ https://issues.apache.org/jira/browse/WW-3945?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15081701#comment-15081701 ] ASF GitHub Bot commented on WW-3945: Github user asfgit closed the pull request at: https://github.com/apache/struts/pull/66 > Set default encoding for JSONResult to UTF-8 > > > Key: WW-3945 > URL: https://issues.apache.org/jira/browse/WW-3945 > Project: Struts 2 > Issue Type: Bug >Affects Versions: 2.3.7 >Reporter: Lukasz Lenart >Priority: Minor > Fix For: 2.5 > > > Check WW-3863 for more details, but encoding param must be set to UTF-8 by > default -- This message was sent by Atlassian JIRA (v6.3.4#6332)
[jira] [Commented] (WW-3945) Set default encoding for JSONResult to UTF-8
[ https://issues.apache.org/jira/browse/WW-3945?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15081722#comment-15081722 ] ASF GitHub Bot commented on WW-3945: Github user victorsosa commented on the pull request: https://github.com/apache/struts/pull/66#issuecomment-168793429 :+1: > Set default encoding for JSONResult to UTF-8 > > > Key: WW-3945 > URL: https://issues.apache.org/jira/browse/WW-3945 > Project: Struts 2 > Issue Type: Bug >Affects Versions: 2.3.7 >Reporter: Lukasz Lenart >Priority: Minor > Fix For: 2.5 > > > Check WW-3863 for more details, but encoding param must be set to UTF-8 by > default -- This message was sent by Atlassian JIRA (v6.3.4#6332)
[jira] [Commented] (WW-4381) upgrade to jasperreports 6.0
[ https://issues.apache.org/jira/browse/WW-4381?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15081731#comment-15081731 ] ASF GitHub Bot commented on WW-4381: Github user asfgit closed the pull request at: https://github.com/apache/struts/pull/67 > upgrade to jasperreports 6.0 > > > Key: WW-4381 > URL: https://issues.apache.org/jira/browse/WW-4381 > Project: Struts 2 > Issue Type: Improvement > Components: Plugin - JasperReports >Reporter: zhouyanming > Fix For: 2.5 > > > JasperReportsResult.java is not compatible with jasperreports 6.0 -- This message was sent by Atlassian JIRA (v6.3.4#6332)
[jira] [Commented] (WW-4312) A problem on Iterator tag
[
https://issues.apache.org/jira/browse/WW-4312?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15081914#comment-15081914
]
ASF GitHub Bot commented on WW-4312:
GitHub user victorsosa opened a pull request:
https://github.com/apache/struts/pull/69
Patch WW-4312 A problem on Iterator tag
Allow null values in the iterator tag
You can merge this pull request into a Git repository by running:
$ git pull https://github.com/victorsosa/struts patch
Alternatively you can review and apply these changes as the patch at:
https://github.com/apache/struts/pull/69.patch
To close this pull request, make a commit to your master/trunk branch
with (at least) the following in the commit message:
This closes #69
commit b257250036c05233d072c69189258a69f68ee057
Author: Victor Sosa
Date: 2016-01-02T19:34:06Z
fix for WW-4573
NPE/ concurrent modification exception
using a CopyOnWriteArrayList. This is to keep Memory consistency on the
ValueStack.
commit 1d3d7be4668e66314f7385a2b73f1c3a7dff66dd
Author: Victor Sosa
Date: 2016-01-04T22:03:47Z
Fix for WW-4312
A problem on Iterator tag
and WW-3010 s:iterator fails to iterate over collections containing
null
commit e2ae94cc0f260b85d5162d749f047c8cbcc9e58c
Author: Victor Sosa
Date: 2016-01-04T22:07:47Z
Merge branch 'patch' of github.com:victorsosa/struts into patch
commit bdc325b03d17a6ec8bc6f19ecb0f0e9854749502
Author: victor sosa
Date: 2016-01-04T22:08:24Z
Merge pull request #2 from apache/master
Merge changes
commit 1e21b7ec1b04af84e31f7136e88663bc670a502e
Author: Victor Sosa
Date: 2016-01-04T22:12:57Z
Merge branch 'patch' of github.com:victorsosa/struts into patch
> A problem on Iterator tag
> -
>
> Key: WW-4312
> URL: https://issues.apache.org/jira/browse/WW-4312
> Project: Struts 2
> Issue Type: Bug
> Components: Other
>Affects Versions: 2.3.15
>Reporter: K OSSUser
>Priority: Minor
> Fix For: 2.5
>
>
> I can't explain well so see below.
> Expected "1, 2, , 3," but the result was "1, 2, 2, 3,".
> Test.jsp
> ---
>
>
> ,
>
>
> ---
> I changed below class then it was fixed.
> org.apache.struts2.components.IteratorComponent#start
> ---
> // if ((var != null) && (currentValue != null)) { <= Old.
> if (var != null) { // <= New.
> //pageContext.setAttribute(id, currentValue);
> //pageContext.setAttribute(id, currentValue,
> PageContext.REQUEST_SCOPE);
> putInContext(currentValue);
> }
> ---
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
[jira] [Commented] (WW-4312) A problem on Iterator tag
[
https://issues.apache.org/jira/browse/WW-4312?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15082583#comment-15082583
]
ASF GitHub Bot commented on WW-4312:
Github user asfgit closed the pull request at:
https://github.com/apache/struts/pull/69
> A problem on Iterator tag
> -
>
> Key: WW-4312
> URL: https://issues.apache.org/jira/browse/WW-4312
> Project: Struts 2
> Issue Type: Bug
> Components: Other
>Affects Versions: 2.3.15
>Reporter: K OSSUser
>Priority: Minor
> Fix For: 2.5
>
>
> I can't explain well so see below.
> Expected "1, 2, , 3," but the result was "1, 2, 2, 3,".
> Test.jsp
> {code:xml}
>
>
> ,
>
>
> {code}
> I changed below class then it was fixed.
> org.apache.struts2.components.IteratorComponent#start
> {code:java}
> // if ((var != null) && (currentValue != null)) { <= Old.
> if (var != null) { // <= New.
> //pageContext.setAttribute(id, currentValue);
> //pageContext.setAttribute(id, currentValue,
> PageContext.REQUEST_SCOPE);
> putInContext(currentValue);
> }
> {code}
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
[jira] [Commented] (WW-4582) adds 'class' to exclude params in ParametersInterceptor (avoid ClassLoader manipulation)
[ https://issues.apache.org/jira/browse/WW-4582?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15083026#comment-15083026 ] ASF GitHub Bot commented on WW-4582: GitHub user victorsosa opened a pull request: https://github.com/apache/struts/pull/70 WW-4582 Permanent patch for security issue CVE-2014-0094 adds 'class' to exclude adds 'class' to exclude params in ParametersInterceptor (avoid ClassLoader manipulation) You can merge this pull request into a Git repository by running: $ git pull https://github.com/victorsosa/struts patch Alternatively you can review and apply these changes as the patch at: https://github.com/apache/struts/pull/70.patch To close this pull request, make a commit to your master/trunk branch with (at least) the following in the commit message: This closes #70 commit 4f1da41d5da1d8534d4ff82f42966fae3c9714bc Author: Victor Sosa Date: 2016-01-05T13:04:56Z Permanent patch for security issue CVE-2014-0094 adds 'class' to exclude params in ParametersInterceptor (avoid ClassLoader manipulation) > adds 'class' to exclude params in ParametersInterceptor (avoid ClassLoader > manipulation) > > > Key: WW-4582 > URL: https://issues.apache.org/jira/browse/WW-4582 > Project: Struts 2 > Issue Type: Bug > Components: Core Interceptors >Affects Versions: 2.3.24 >Reporter: victorsosa >Priority: Critical > Labels: security > Fix For: 2.3.25, 2.5 > > > Hi, > This is a permanent patch for security issue CVE-2014-0094; this adds 'class' > to exclude params in ParametersInterceptor (avoid ClassLoader manipulation) -- This message was sent by Atlassian JIRA (v6.3.4#6332)
[jira] [Commented] (WW-4582) adds 'class' to exclude params in ParametersInterceptor (avoid ClassLoader manipulation)
[
https://issues.apache.org/jira/browse/WW-4582?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15083166#comment-15083166
]
ASF GitHub Bot commented on WW-4582:
Github user lukaszlenart commented on a diff in the pull request:
https://github.com/apache/struts/pull/70#discussion_r48851708
--- Diff:
core/src/test/java/com/opensymphony/xwork2/security/DefaultExcludedPatternsCheckerTest.java
---
@@ -11,6 +11,9 @@
public void testHardcodedPatterns() throws Exception {
// given
List params = new ArrayList() {
+
+private static final long serialVersionUID =
5687184571054993717L;
--- End diff --
Could you disable auto-generation of `serialVersionUID`?
> adds 'class' to exclude params in ParametersInterceptor (avoid ClassLoader
> manipulation)
>
>
> Key: WW-4582
> URL: https://issues.apache.org/jira/browse/WW-4582
> Project: Struts 2
> Issue Type: Bug
> Components: Core Interceptors
>Affects Versions: 2.3.24
>Reporter: victorsosa
>Priority: Critical
> Labels: security
> Fix For: 2.3.25, 2.5
>
>
> Hi,
> This is a permanent patch for security issue CVE-2014-0094; this adds 'class'
> to exclude params in ParametersInterceptor (avoid ClassLoader manipulation)
> This is base on the information in the S2-020
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
[jira] [Commented] (WW-4582) adds 'class' to exclude params in ParametersInterceptor (avoid ClassLoader manipulation)
[
https://issues.apache.org/jira/browse/WW-4582?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15083236#comment-15083236
]
ASF GitHub Bot commented on WW-4582:
Github user victorsosa commented on a diff in the pull request:
https://github.com/apache/struts/pull/70#discussion_r48856556
--- Diff:
core/src/test/java/com/opensymphony/xwork2/security/DefaultExcludedPatternsCheckerTest.java
---
@@ -11,6 +11,9 @@
public void testHardcodedPatterns() throws Exception {
// given
List params = new ArrayList() {
+
+private static final long serialVersionUID =
5687184571054993717L;
--- End diff --
OK, I will remove that line
> adds 'class' to exclude params in ParametersInterceptor (avoid ClassLoader
> manipulation)
>
>
> Key: WW-4582
> URL: https://issues.apache.org/jira/browse/WW-4582
> Project: Struts 2
> Issue Type: Bug
> Components: Core Interceptors
>Affects Versions: 2.3.24
>Reporter: victorsosa
>Priority: Critical
> Labels: security
> Fix For: 2.3.25, 2.5
>
>
> Hi,
> This is a permanent patch for security issue CVE-2014-0094; this adds 'class'
> to exclude params in ParametersInterceptor (avoid ClassLoader manipulation)
> This is base on the information in the S2-020
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
[jira] [Commented] (WW-4582) adds 'class' to exclude params in ParametersInterceptor (avoid ClassLoader manipulation)
[ https://issues.apache.org/jira/browse/WW-4582?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15083406#comment-15083406 ] ASF GitHub Bot commented on WW-4582: Github user victorsosa commented on the pull request: https://github.com/apache/struts/pull/70#issuecomment-169070596 This close also the CVE-2014-0112, CVE-2014-0113 and CVE-2014-0116 > adds 'class' to exclude params in ParametersInterceptor (avoid ClassLoader > manipulation) > > > Key: WW-4582 > URL: https://issues.apache.org/jira/browse/WW-4582 > Project: Struts 2 > Issue Type: Bug > Components: Core Interceptors >Affects Versions: 2.3.24 >Reporter: victorsosa >Priority: Critical > Labels: security > Fix For: 2.3.25, 2.5 > > > Hi, > This is a permanent patch for security issue CVE-2014-0094; this adds 'class' > to exclude params in ParametersInterceptor (avoid ClassLoader manipulation) > This is base on the information in the S2-020 > This close also the CVE-2014-0112, CVE-2014-0113 and CVE-2014-0116 -- This message was sent by Atlassian JIRA (v6.3.4#6332)
[jira] [Commented] (WW-4582) adds 'class' to exclude params in ParametersInterceptor (avoid ClassLoader manipulation)
[ https://issues.apache.org/jira/browse/WW-4582?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15090977#comment-15090977 ] ASF GitHub Bot commented on WW-4582: Github user lukaszlenart commented on the pull request: https://github.com/apache/struts/pull/70#issuecomment-170333869 This isn't really needed as access to `Class` is blocked for any Ognl expression, see [Internal Security Mechanism](http://struts.apache.org/docs/security.html#Security-Internalsecuritymechanism) > adds 'class' to exclude params in ParametersInterceptor (avoid ClassLoader > manipulation) > > > Key: WW-4582 > URL: https://issues.apache.org/jira/browse/WW-4582 > Project: Struts 2 > Issue Type: Bug > Components: Core Interceptors >Affects Versions: 2.3.24 >Reporter: victorsosa >Assignee: Lukasz Lenart >Priority: Critical > Labels: security > Fix For: 2.3.25, 2.5 > > > Hi, > This is a permanent patch for security issue CVE-2014-0094; this adds 'class' > to exclude params in ParametersInterceptor (avoid ClassLoader manipulation) > This is base on the information in the S2-020 > This close also the CVE-2014-0112, CVE-2014-0113 and CVE-2014-0116 -- This message was sent by Atlassian JIRA (v6.3.4#6332)
[jira] [Commented] (WW-4582) adds 'class' to exclude params in ParametersInterceptor (avoid ClassLoader manipulation)
[ https://issues.apache.org/jira/browse/WW-4582?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15090981#comment-15090981 ] ASF GitHub Bot commented on WW-4582: Github user lukaszlenart commented on the pull request: https://github.com/apache/struts/pull/70#issuecomment-170334397 Also based on a report from a user I have added this 74e26830d2849a84729b33497f729e0f033dc147 - this is almost the same as yours but it bases on a real-life example :) > adds 'class' to exclude params in ParametersInterceptor (avoid ClassLoader > manipulation) > > > Key: WW-4582 > URL: https://issues.apache.org/jira/browse/WW-4582 > Project: Struts 2 > Issue Type: Bug > Components: Core Interceptors >Affects Versions: 2.3.24 >Reporter: victorsosa >Assignee: Lukasz Lenart >Priority: Critical > Labels: security > Fix For: 2.3.25, 2.5 > > > Hi, > This is a permanent patch for security issue CVE-2014-0094; this adds 'class' > to exclude params in ParametersInterceptor (avoid ClassLoader manipulation) > This is base on the information in the S2-020 > This close also the CVE-2014-0112, CVE-2014-0113 and CVE-2014-0116 -- This message was sent by Atlassian JIRA (v6.3.4#6332)
[jira] [Commented] (WW-4568) Upgrade Tiles 2 to latest available Tiles 2 version
[ https://issues.apache.org/jira/browse/WW-4568?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15090989#comment-15090989 ] ASF GitHub Bot commented on WW-4568: Github user asfgit closed the pull request at: https://github.com/apache/struts/pull/60 > Upgrade Tiles 2 to latest available Tiles 2 version > --- > > Key: WW-4568 > URL: https://issues.apache.org/jira/browse/WW-4568 > Project: Struts 2 > Issue Type: Improvement > Components: Plugin - Tiles >Affects Versions: 2.3.24 >Reporter: Lukasz Lenart >Assignee: Lukasz Lenart > Fix For: 2.3.25 > > -- This message was sent by Atlassian JIRA (v6.3.4#6332)
[jira] [Commented] (WW-4582) adds 'class' to exclude params in ParametersInterceptor (avoid ClassLoader manipulation)
[ https://issues.apache.org/jira/browse/WW-4582?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15090997#comment-15090997 ] ASF GitHub Bot commented on WW-4582: Github user victorsosa closed the pull request at: https://github.com/apache/struts/pull/70 > adds 'class' to exclude params in ParametersInterceptor (avoid ClassLoader > manipulation) > > > Key: WW-4582 > URL: https://issues.apache.org/jira/browse/WW-4582 > Project: Struts 2 > Issue Type: Bug > Components: Core Interceptors >Affects Versions: 2.3.24 >Reporter: victorsosa >Assignee: Lukasz Lenart >Priority: Critical > Labels: security > Fix For: 2.3.25, 2.5 > > > Hi, > This is a permanent patch for security issue CVE-2014-0094; this adds 'class' > to exclude params in ParametersInterceptor (avoid ClassLoader manipulation) > This is base on the information in the S2-020 > This close also the CVE-2014-0112, CVE-2014-0113 and CVE-2014-0116 -- This message was sent by Atlassian JIRA (v6.3.4#6332)
[jira] [Commented] (WW-4582) adds 'class' to exclude params in ParametersInterceptor (avoid ClassLoader manipulation)
[ https://issues.apache.org/jira/browse/WW-4582?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15090996#comment-15090996 ] ASF GitHub Bot commented on WW-4582: Github user victorsosa commented on the pull request: https://github.com/apache/struts/pull/70#issuecomment-170337968 ok, PR closed > adds 'class' to exclude params in ParametersInterceptor (avoid ClassLoader > manipulation) > > > Key: WW-4582 > URL: https://issues.apache.org/jira/browse/WW-4582 > Project: Struts 2 > Issue Type: Bug > Components: Core Interceptors >Affects Versions: 2.3.24 >Reporter: victorsosa >Assignee: Lukasz Lenart >Priority: Critical > Labels: security > Fix For: 2.3.25, 2.5 > > > Hi, > This is a permanent patch for security issue CVE-2014-0094; this adds 'class' > to exclude params in ParametersInterceptor (avoid ClassLoader manipulation) > This is base on the information in the S2-020 > This close also the CVE-2014-0112, CVE-2014-0113 and CVE-2014-0116 -- This message was sent by Atlassian JIRA (v6.3.4#6332)
[jira] [Commented] (WW-4584) Upgrade Tiles 3 pugin to latest available Tiles 3 version
[ https://issues.apache.org/jira/browse/WW-4584?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15093616#comment-15093616 ] ASF GitHub Bot commented on WW-4584: GitHub user lukaszlenart opened a pull request: https://github.com/apache/struts/pull/73 WW-4584: Upgrade tiles plugin [WW-4584](https://issues.apache.org/jira/browse/WW-4584) Upgrades Tiles plugin to use Tiles 3 version, it also drops Tiles 3 plugin - there will be only one plugin to support Tiles 3 You can merge this pull request into a Git repository by running: $ git pull https://github.com/lukaszlenart/struts upgrade-tiles-plugin Alternatively you can review and apply these changes as the patch at: https://github.com/apache/struts/pull/73.patch To close this pull request, make a commit to your master/trunk branch with (at least) the following in the commit message: This closes #73 commit 85b219813f982ad28059197c6ebcb0b099f7e4b3 Author: Lukasz Lenart Date: 2015-11-25T19:22:31Z Adds required dependencies commit 70716e945295526d207cab6c66306a3113f8a333 Author: Lukasz Lenart Date: 2015-11-25T19:29:18Z Re-implements tiles integration based on new API commit 24a5bce6c436ddaea9f65f792b280fdd6f9c4ae3 Author: Lukasz Lenart Date: 2015-11-25T19:29:24Z Drops unused classes commit 26f153d262f7a4dfb767c391afece8ac1d9e1c0d Author: Lukasz Lenart Date: 2015-11-25T19:29:43Z Replaces call to deprecated api commit 6edc0ff5e0410651f7055654116c3346aeaa4ee5 Author: Lukasz Lenart Date: 2015-11-25T19:37:42Z Updates Portal Tiles integration commit 27ad6cb13e9fa75d48f8e5cf26687b49af9ed213 Author: Lukasz Lenart Date: 2015-11-25T19:54:39Z Adds missing header with license commit 388861ff073f54f7959a35cc205b264237d043d0 Author: Lukasz Lenart Date: 2015-11-27T12:36:52Z Registers Tiles model commit 6622fab25bee1dae9085cca56b87711f3197916d Author: Lukasz Lenart Date: 2015-11-27T15:09:37Z Fixes dependency clash commit 2d0fe9f742c9add4a1803d3165a3ed906551dc45 Author: Lukasz Lenart Date: 2016-01-12T07:19:26Z Drops Tiles 3 plugin commit 5fe760dc67f4b3bd16112ac48494782e570dd242 Author: Lukasz Lenart Date: 2016-01-12T07:19:52Z Removes module commit 47ecd001ec8b35e4569d43a481e82166eed6cfb1 Author: Lukasz Lenart Date: 2016-01-12T07:51:03Z Ports solution from 2.3.x branch commit af82d23c95f592bac84f1cac105bc00163c53b4d Author: Lukasz Lenart Date: 2016-01-12T07:51:14Z Upgrade Tiles dependencies commit b675844a8f0de848d200439ed01ebbb532ca9b53 Author: Lukasz Lenart Date: 2016-01-12T07:51:34Z Ports solution to resolve problem with EL functions commit 4638b3345757b900edead4a5e4de4c3d37c0eafe Author: Lukasz Lenart Date: 2016-01-12T09:13:38Z Adds missing Tiles API dependency commit ace6a5d5ee0bdcfc81225832a477dff1bf4effbf Author: Lukasz Lenart Date: 2016-01-12T09:13:51Z Adjusts code to Tiles 3 commit c07020cb7cc1d1a8eb15cacc7f62be3a864474f8 Author: Lukasz Lenart Date: 2016-01-12T09:14:11Z Uses new way to access TileContainer commit 33edfffbe256e071fc33355518f24457da815a8b Author: Lukasz Lenart Date: 2016-01-12T09:36:46Z Migrates tiles-portlet to the same version > Upgrade Tiles 3 pugin to latest available Tiles 3 version > - > > Key: WW-4584 > URL: https://issues.apache.org/jira/browse/WW-4584 > Project: Struts 2 > Issue Type: Improvement > Components: Plugin - Tiles >Reporter: Lukasz Lenart > Fix For: 2.5 > > -- This message was sent by Atlassian JIRA (v6.3.4#6332)
