You are viewing a plain text version of this content. The canonical link for it is here.

Posted to commits@ofbiz.apache.org by ad...@apache.org on 2012/04/27 15:10:57 UTC

svn commit: r1331418 - /ofbiz/trunk/framework/minilang/src/org/ofbiz/minilang/method/callops/CallScript.java

Author: adrianc
Date: Fri Apr 27 13:10:57 2012
New Revision: 1331418

URL: http://svn.apache.org/viewvc?rev=1331418&view=rev
Log:
Add security note to Mini-language <script> element.

Modified:
    ofbiz/trunk/framework/minilang/src/org/ofbiz/minilang/method/callops/CallScript.java

Modified: ofbiz/trunk/framework/minilang/src/org/ofbiz/minilang/method/callops/CallScript.java
URL: http://svn.apache.org/viewvc/ofbiz/trunk/framework/minilang/src/org/ofbiz/minilang/method/callops/CallScript.java?rev=1331418&r1=1331417&r2=1331418&view=diff
==============================================================================
--- ofbiz/trunk/framework/minilang/src/org/ofbiz/minilang/method/callops/CallScript.java (original)
+++ ofbiz/trunk/framework/minilang/src/org/ofbiz/minilang/method/callops/CallScript.java Fri Apr 27 13:10:57 2012
@@ -48,6 +48,10 @@ public final class CallScript extends Me
         return false;
     }
     
+    /*
+     * Developers - the location attribute is a constant for security reasons.
+     * Script invocations should always be hard-coded.
+     */
     private final String location;
     private final String method;
     private final Scriptlet scriptlet;