You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@struts.apache.org by lu...@apache.org on 2013/10/21 12:49:52 UTC
svn commit: r1534089 - in /struts/struts2/trunk:
core/src/main/resources/struts-default.xml
xwork-core/src/main/java/com/opensymphony/xwork2/interceptor/ParametersInterceptor.java
Author: lukaszlenart
Date: Mon Oct 21 10:49:52 2013
New Revision: 1534089
URL: http://svn.apache.org/r1534089
Log:
WW-4023 Adds action: and method: prefixes to excludeParams list and changes order to first check for excludeParams and then for acceptedParams in ParametersInterceptor
Modified:
struts/struts2/trunk/core/src/main/resources/struts-default.xml
struts/struts2/trunk/xwork-core/src/main/java/com/opensymphony/xwork2/interceptor/ParametersInterceptor.java
Modified: struts/struts2/trunk/core/src/main/resources/struts-default.xml
URL: http://svn.apache.org/viewvc/struts/struts2/trunk/core/src/main/resources/struts-default.xml?rev=1534089&r1=1534088&r2=1534089&view=diff
==============================================================================
--- struts/struts2/trunk/core/src/main/resources/struts-default.xml (original)
+++ struts/struts2/trunk/core/src/main/resources/struts-default.xml Mon Oct 21 10:49:52 2013
@@ -251,7 +251,7 @@
<interceptor-ref name="checkbox"/>
<interceptor-ref name="multiselect"/>
<interceptor-ref name="params">
- <param name="excludeParams">dojo\..*,^struts\..*,^session\..*,^request\..*,^application\..*,^servlet(Request|Response)\..*,parameters\...*</param>
+ <param name="excludeParams">^dojo\..*,^struts\..*,^session\..*,^request\..*,^application\..*,^servlet(Request|Response)\..*,^parameters\..*,^action:.*,^method:.*</param>
</interceptor-ref>
<interceptor-ref name="servletConfig"/>
<interceptor-ref name="prepare"/>
@@ -261,7 +261,7 @@
<interceptor-ref name="staticParams"/>
<interceptor-ref name="actionMappingParams"/>
<interceptor-ref name="params">
- <param name="excludeParams">dojo\..*,^struts\..*,^session\..*,^request\..*,^application\..*,^servlet(Request|Response)\..*,parameters\...*</param>
+ <param name="excludeParams">^dojo\..*,^struts\..*,^session\..*,^request\..*,^application\..*,^servlet(Request|Response)\..*,^parameters\..*,^action:.*,^method:.*</param>
</interceptor-ref>
<interceptor-ref name="conversionError"/>
<interceptor-ref name="validation">
@@ -298,7 +298,7 @@
<interceptor-ref name="staticParams"/>
<interceptor-ref name="actionMappingParams"/>
<interceptor-ref name="params">
- <param name="excludeParams">dojo\..*,^struts\..*,^session\..*,^request\..*,^application\..*,^servlet(Request|Response)\..*,parameters\...*</param>
+ <param name="excludeParams">^dojo\..*,^struts\..*,^session\..*,^request\..*,^application\..*,^servlet(Request|Response)\..*,^parameters\..*,^action:.*,^method:.*</param>
</interceptor-ref>
<interceptor-ref name="conversionError"/>
<interceptor-ref name="validation">
Modified: struts/struts2/trunk/xwork-core/src/main/java/com/opensymphony/xwork2/interceptor/ParametersInterceptor.java
URL: http://svn.apache.org/viewvc/struts/struts2/trunk/xwork-core/src/main/java/com/opensymphony/xwork2/interceptor/ParametersInterceptor.java?rev=1534089&r1=1534088&r2=1534089&view=diff
==============================================================================
--- struts/struts2/trunk/xwork-core/src/main/java/com/opensymphony/xwork2/interceptor/ParametersInterceptor.java (original)
+++ struts/struts2/trunk/xwork-core/src/main/java/com/opensymphony/xwork2/interceptor/ParametersInterceptor.java Mon Oct 21 10:49:52 2013
@@ -144,8 +144,7 @@ public class ParametersInterceptor exten
private boolean devMode = false;
// Allowed names of parameters
- private String acceptedParamNames = ACCEPTED_PARAM_NAMES;
- private Pattern acceptedPattern = Pattern.compile(acceptedParamNames);
+ private Pattern acceptedPattern = Pattern.compile(ACCEPTED_PARAM_NAMES);
private ValueStackFactory valueStackFactory;
@@ -389,7 +388,7 @@ public class ParametersInterceptor exten
}
protected boolean acceptableName(String name) {
- boolean accepted = isWithinLengthLimit(name) && isAccepted(name) && !isExcluded(name);
+ boolean accepted = isWithinLengthLimit(name) && !isExcluded(name) && isAccepted(name);
if (devMode && accepted) { // notify only when in devMode
LOG.debug("Parameter [#0] was accepted and will be appended to action!", name);
}