JCgH4164838Gh792C124B5 commented on a change in pull request #427:
URL: https://github.com/apache/struts/pull/427#discussion_r460437748
##
File path:
plugins/osgi/src/main/java/org/apache/struts2/osgi/BundlePackageLoader.java
##
@@ -45,24 +47,96 @@
private static final
JCgH4164838Gh792C124B5 commented on a change in pull request #427:
URL: https://github.com/apache/struts/pull/427#discussion_r460441702
##
File path: plugins/osgi/src/main/java/org/apache/struts2/osgi/OsgiUtil.java
##
@@ -92,4 +92,83 @@ public static boolean containsBean(Object
coveralls commented on pull request #427:
URL: https://github.com/apache/struts/pull/427#issuecomment-663902556
[](https://coveralls.io/builds/32321686)
Coverage increased (+0.2%) to 47.29% when pulling
**d61be3e4ce7d
JCgH4164838Gh792C124B5 commented on pull request #427:
URL: https://github.com/apache/struts/pull/427#issuecomment-663902756
Hi. It looks like the latest commit fixed the test-failure issue involving
the cache directory, and the builds for all four JDKs completed.
Let me know if the
coveralls commented on pull request #428:
URL: https://github.com/apache/struts/pull/428#issuecomment-664017841
[](https://coveralls.io/builds/32328727)
Coverage increased (+5.0e-05%) to 49.344% when pulling
**f386e89
JCgH4164838Gh792C124B5 commented on pull request #428:
URL: https://github.com/apache/struts/pull/428#issuecomment-664018945
Hello Struts Developers.
This PR is intended to be some minor cleanup to the new
`FetchMetadataInterceptor`, recently added to the 2.6.x series via PR #426.
salcho commented on pull request #428:
URL: https://github.com/apache/struts/pull/428#issuecomment-664170448
@JCgH4164838Gh792C124B5
Hi James,
Thanks so much for the follow up! We're getting ready to submit a second PR
soon and going through your changes is very useful. We di
salcho commented on pull request #429:
URL: https://github.com/apache/struts/pull/429#issuecomment-665061444
Sorry, this PR was based off the wrong branch in our fork and has been
replaced by https://github.com/apache/struts/pull/430
---
yasserzamani commented on a change in pull request #428:
URL: https://github.com/apache/struts/pull/428#discussion_r462023263
##
File path:
core/src/main/java/org/apache/struts2/interceptor/FetchMetadataInterceptor.java
##
@@ -41,17 +42,19 @@
* filter the requests allowed to
coveralls commented on pull request #430:
URL: https://github.com/apache/struts/pull/430#issuecomment-665101565
[](https://coveralls.io/builds/32373906)
Coverage increased (+0.2%) to 49.539% when pulling
**4d8bec5d0a5
yasserzamani commented on a change in pull request #427:
URL: https://github.com/apache/struts/pull/427#discussion_r462019483
##
File path: plugins/osgi/src/main/java/org/apache/struts2/osgi/OsgiUtil.java
##
@@ -92,4 +92,83 @@ public static boolean containsBean(Object beanFacto
lukaszlenart commented on pull request #427:
URL: https://github.com/apache/struts/pull/427#issuecomment-664589306
LGTM 👍
This is an automated message from the Apache Git Service.
To respond to the message, please log on to
salcho commented on pull request #430:
URL: https://github.com/apache/struts/pull/430#issuecomment-666370390
This PR is associated with a follow up that refactors FTL and JSP files to
make them CSP-ready. This will make it much easier to adopt CSP on an existing
application. Please find a
salcho edited a comment on pull request #430:
URL: https://github.com/apache/struts/pull/430#issuecomment-666370390
This PR is associated with a follow up that refactors existing FTL and JSP
files in Struts to make them CSP-ready. This will make it much easier to adopt
CSP on an existing a
salcho edited a comment on pull request #430:
URL: https://github.com/apache/struts/pull/430#issuecomment-666370390
This PR is associated with a follow up that refactors existing FTL and JSP
files in Struts to make them CSP-ready. This will make it much easier to adopt
CSP on an existing a
JCgH4164838Gh792C124B5 commented on a change in pull request #428:
URL: https://github.com/apache/struts/pull/428#discussion_r463970935
##
File path:
core/src/main/java/org/apache/struts2/interceptor/FetchMetadataInterceptor.java
##
@@ -41,17 +42,19 @@
* filter the requests
JCgH4164838Gh792C124B5 commented on a change in pull request #428:
URL: https://github.com/apache/struts/pull/428#discussion_r463972601
##
File path:
core/src/main/java/org/apache/struts2/interceptor/FetchMetadataInterceptor.java
##
@@ -73,15 +76,31 @@ public String intercept(
salcho commented on a change in pull request #428:
URL: https://github.com/apache/struts/pull/428#discussion_r464245596
##
File path:
core/src/main/java/org/apache/struts2/interceptor/FetchMetadataInterceptor.java
##
@@ -73,15 +76,31 @@ public String intercept(ActionInvocation
JCgH4164838Gh792C124B5 commented on pull request #428:
URL: https://github.com/apache/struts/pull/428#issuecomment-668281262
Hello Again. This PR has been updated with the suggested additional unit
test and increased the level of the "Fetch metadata rejected" log message to
`info` level.
coveralls edited a comment on pull request #428:
URL: https://github.com/apache/struts/pull/428#issuecomment-664017841
[](https://coveralls.io/builds/32515420)
Coverage increased (+0.02%) to 49.363% when pulling
**bfa
coveralls commented on pull request #432:
URL: https://github.com/apache/struts/pull/432#issuecomment-671908636
[](https://coveralls.io/builds/32673990)
Coverage increased (+0.04%) to 49.384% when pulling
**4acaccfa61
coveralls edited a comment on pull request #432:
URL: https://github.com/apache/struts/pull/432#issuecomment-671908636
[](https://coveralls.io/builds/32675006)
Coverage increased (+0.04%) to 49.384% when pulling
**4ac
yasserzamani commented on pull request #428:
URL: https://github.com/apache/struts/pull/428#issuecomment-674372579
osm! thanks!
This is an automated message from the Apache Git Service.
To respond to the message, please log o
yasserzamani commented on pull request #432:
URL: https://github.com/apache/struts/pull/432#issuecomment-674376827
LGTM :+1: thanks a lot!
This is an automated message from the Apache Git Service.
To respond to the message, p
lukaszlenart commented on pull request #432:
URL: https://github.com/apache/struts/pull/432#issuecomment-674677494
👏 LGTM 👍
This is an automated message from the Apache Git Service.
To respond to the message, please log on
salcho commented on pull request #430:
URL: https://github.com/apache/struts/pull/430#issuecomment-674746353
That's great news @lukaszlenart! Is there anything else we can do to get
these merged? :)
This is an automated mes
lukaszlenart commented on pull request #430:
URL: https://github.com/apache/struts/pull/430#issuecomment-674772105
I'm just giving some time to others to allow them review your work :)
This is an automated message from the Ap
aleksandr-m commented on pull request #430:
URL: https://github.com/apache/struts/pull/430#issuecomment-675432105
@salcho @lukaszlenart Do we need `CspReportAction` in the Struts itself?
Seems like it is too implementation specific.
aleksandr-m commented on a change in pull request #430:
URL: https://github.com/apache/struts/pull/430#discussion_r472119724
##
File path: core/src/main/java/org/apache/struts2/action/CspReportAction.java
##
@@ -0,0 +1,97 @@
+/*
+ * Licensed to the Apache Software Foundation (A
aleksandr-m commented on a change in pull request #430:
URL: https://github.com/apache/struts/pull/430#discussion_r472120143
##
File path: core/src/main/java/org/apache/struts2/action/CspReportAction.java
##
@@ -0,0 +1,97 @@
+/*
+ * Licensed to the Apache Software Foundation (A
salcho commented on pull request #430:
URL: https://github.com/apache/struts/pull/430#issuecomment-675472136
Hi @aleksandr-m @lukaszlenart,
Re: **CspReportAction**. In our experience, many developers are put off of
adopting CSP in their applications because collecting reports adds mo
coveralls edited a comment on pull request #430:
URL: https://github.com/apache/struts/pull/430#issuecomment-665101565
[](https://coveralls.io/builds/32831292)
Coverage increased (+0.3%) to 49.604% when pulling
**418c
aleksandr-m commented on a change in pull request #430:
URL: https://github.com/apache/struts/pull/430#discussion_r472491743
##
File path:
core/src/main/java/org/apache/struts2/interceptor/csp/CspInterceptor.java
##
@@ -0,0 +1,78 @@
+/*
+ * Licensed to the Apache Software Foun
aleksandr-m commented on a change in pull request #430:
URL: https://github.com/apache/struts/pull/430#discussion_r472494636
##
File path: core/src/main/resources/struts-default.xml
##
@@ -377,6 +378,10 @@
+
salcho commented on a change in pull request #430:
URL: https://github.com/apache/struts/pull/430#discussion_r472852667
##
File path:
core/src/main/java/org/apache/struts2/interceptor/csp/CspInterceptor.java
##
@@ -0,0 +1,78 @@
+/*
+ * Licensed to the Apache Software Foundatio
salcho commented on a change in pull request #430:
URL: https://github.com/apache/struts/pull/430#discussion_r472854370
##
File path: core/src/main/resources/struts-default.xml
##
@@ -377,6 +378,10 @@
+
+
aleksandr-m commented on a change in pull request #430:
URL: https://github.com/apache/struts/pull/430#discussion_r473288542
##
File path: core/src/main/resources/struts-default.xml
##
@@ -377,6 +378,10 @@
+
aleksandr-m commented on a change in pull request #430:
URL: https://github.com/apache/struts/pull/430#discussion_r473289967
##
File path:
core/src/main/java/org/apache/struts2/interceptor/csp/CspInterceptor.java
##
@@ -0,0 +1,78 @@
+/*
+ * Licensed to the Apache Software Foun
aleksandr-m commented on a change in pull request #430:
URL: https://github.com/apache/struts/pull/430#discussion_r473291502
##
File path:
core/src/main/java/org/apache/struts2/action/DefaultCspReportAction.java
##
@@ -0,0 +1,38 @@
+/*
+ * Licensed to the Apache Software Found
salcho commented on a change in pull request #430:
URL: https://github.com/apache/struts/pull/430#discussion_r473732850
##
File path: core/src/main/resources/struts-default.xml
##
@@ -377,6 +378,10 @@
+
+
salcho commented on a change in pull request #430:
URL: https://github.com/apache/struts/pull/430#discussion_r473743634
##
File path:
core/src/main/java/org/apache/struts2/action/DefaultCspReportAction.java
##
@@ -0,0 +1,38 @@
+/*
+ * Licensed to the Apache Software Foundation
coveralls edited a comment on pull request #430:
URL: https://github.com/apache/struts/pull/430#issuecomment-665101565
[](https://coveralls.io/builds/32878823)
Coverage increased (+0.3%) to 49.604% when pulling
**0af4
aleksandr-m commented on a change in pull request #430:
URL: https://github.com/apache/struts/pull/430#discussion_r474792742
##
File path:
core/src/main/java/org/apache/struts2/action/DefaultCspReportAction.java
##
@@ -0,0 +1,38 @@
+/*
+ * Licensed to the Apache Software Found
coveralls commented on pull request #433:
URL: https://github.com/apache/struts/pull/433#issuecomment-678479140
[](https://coveralls.io/builds/32922381)
Coverage increased (+0.1%) to 49.532% when pulling
**cb3ca4b3111
JCgH4164838Gh792C124B5 commented on pull request #433:
URL: https://github.com/apache/struts/pull/433#issuecomment-678480590
Hello Apache Struts Team.
This PR is an equivalent to PR #427, but for the 2.6.x mainline branch, and
containing some JDK8+ code structure changes.
A fe
salcho commented on a change in pull request #430:
URL: https://github.com/apache/struts/pull/430#discussion_r475082495
##
File path:
core/src/main/java/org/apache/struts2/action/DefaultCspReportAction.java
##
@@ -0,0 +1,38 @@
+/*
+ * Licensed to the Apache Software Foundation
coveralls edited a comment on pull request #430:
URL: https://github.com/apache/struts/pull/430#issuecomment-665101565
[](https://coveralls.io/builds/32930625)
Coverage increased (+0.3%) to 49.628% when pulling
**bf80
salcho commented on pull request #430:
URL: https://github.com/apache/struts/pull/430#issuecomment-682450061
Friendly ping! @aleksandr-m @lukaszlenart
This is an automated message from the Apache Git Service.
To respond to t
lukaszlenart commented on pull request #430:
URL: https://github.com/apache/struts/pull/430#issuecomment-682488177
I'm fine with the current state, LGTM 👍 (but I will let @aleksandr-m hit
the button :)
This is an automated
coveralls commented on pull request #435:
URL: https://github.com/apache/struts/pull/435#issuecomment-687127901
[](https://coveralls.io/builds/33235550)
Coverage decreased (-0.003%) to 49.745% when pulling
**23ddc8f02
lukaszlenart commented on pull request #434:
URL: https://github.com/apache/struts/pull/434#issuecomment-688055178
Looks good good, yet some tests are failing - it looks like out integration
tests cannot pass because an app cannot be started.
--
lukaszlenart edited a comment on pull request #434:
URL: https://github.com/apache/struts/pull/434#issuecomment-688055178
Looks good, yet some tests are failing - it looks like out integration tests
cannot pass because an app cannot be started.
JCgH4164838Gh792C124B5 commented on pull request #435:
URL: https://github.com/apache/struts/pull/435#issuecomment-689100828
Hi.
Although it seems unlikely, there might be someone with a current use case
for uploading empty files. For this PR's change, maybe there should be a
diffe
JCgH4164838Gh792C124B5 commented on pull request #436:
URL: https://github.com/apache/struts/pull/436#issuecomment-689102132
Hello Apache Struts Team.
This is just a basic backport of a couple of items to the 2.5.x branch.
They should be safe for a future 2.5.x maintenance-only release
JCgH4164838Gh792C124B5 commented on a change in pull request #434:
URL: https://github.com/apache/struts/pull/434#discussion_r485180192
##
File path:
core/src/main/resources/org/apache/struts2/interceptor/debugging/console.ftl
##
@@ -21,7 +21,9 @@
-
+