You are viewing a plain text version of this content. The canonical link for it is here.

Posted to issues@struts.apache.org by "ASF GitHub Bot (JIRA)" <ji...@apache.org> on 2018/11/19 19:08:00 UTC

[jira] [Commented] (WW-4983) Set private access modifier for HttpParameters.toMap

    [ https://issues.apache.org/jira/browse/WW-4983?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16692133#comment-16692133 ] 

ASF GitHub Bot commented on WW-4983:
------------------------------------

sepe81 opened a new pull request #276: WW-4983 Set private access modifier for HttpParameters.toMap
URL: https://github.com/apache/struts/pull/276
 
 
   This method can be potentially dangerous as it allows access to raw
   parameter values.

----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on GitHub and use the
URL above to go to the specific comment.
 
For queries about this service, please contact Infrastructure at:
users@infra.apache.org


> Set private access modifier for HttpParameters.toMap
> ----------------------------------------------------
>
>                 Key: WW-4983
>                 URL: https://issues.apache.org/jira/browse/WW-4983
>             Project: Struts 2
>          Issue Type: Task
>          Components: Core
>            Reporter: Sebastian Peters
>            Priority: Minor
>              Labels: easyfix, security
>             Fix For: 2.6
>
>
> As stated in WW-4710 by [~lukaszlenart] this method can be potentially dangerous as it allows access to raw parameter values. It should only be used internally.



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)