You are viewing a plain text version of this content. The canonical link for it is here.
Posted to issues@struts.apache.org by "Lucas Nelson (JIRA)" <ji...@apache.org> on 2008/11/25 01:43:37 UTC
[jira] Created: (WW-2893) XWorkConverter calling
e.printStackTrace() after bad user input
XWorkConverter calling e.printStackTrace() after bad user input
---------------------------------------------------------------
Key: WW-2893
URL: https://issues.apache.org/struts/browse/WW-2893
Project: Struts 2
Issue Type: Bug
Affects Versions: 2.1.2
Environment: Tomcat 6.0.18
Reporter: Lucas Nelson
We are getting log output triggered by bad user input from the XWorkConverter#convertValue method - lines 302, 315, 326 in 2.1.2. This can be triggered by having a numeric field and not submitting anything in it, or having a custom converter that throws a TypeConversionException.
We would have difficulty going into production with bad user input triggering a stack dump in our log files - the frequency of bad input coupled with the computation cost of generating a stack trace, and the log file spam it would generate. Could these printStackTrace() calls please be removed. Perhaps replaced with debug level output.
IMO having application log output being generated by end-user activity is a problem.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
[jira] Resolved: (WW-2893) XWorkConverter calling
e.printStackTrace() after bad user input
Posted by "Musachy Barroso (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/struts/browse/WW-2893?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Musachy Barroso resolved WW-2893.
---------------------------------
Resolution: Fixed
Fix Version/s: 2.1.3
> XWorkConverter calling e.printStackTrace() after bad user input
> ---------------------------------------------------------------
>
> Key: WW-2893
> URL: https://issues.apache.org/struts/browse/WW-2893
> Project: Struts 2
> Issue Type: Bug
> Affects Versions: 2.1.2
> Environment: Tomcat 6.0.18
> Reporter: Lucas Nelson
> Assignee: Musachy Barroso
> Fix For: 2.1.3
>
>
> We are getting log output triggered by bad user input from the XWorkConverter#convertValue method - lines 302, 315, 326 in 2.1.2. This can be triggered by having a numeric field and not submitting anything in it, or having a custom converter that throws a TypeConversionException.
> We would have difficulty going into production with bad user input triggering a stack dump in our log files - the frequency of bad input coupled with the computation cost of generating a stack trace, and the log file spam it would generate. Could these printStackTrace() calls please be removed. Perhaps replaced with debug level output.
> IMO having application log output being generated by end-user activity is a problem.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
[jira] Commented: (WW-2893) XWorkConverter calling
e.printStackTrace() after bad user input
Posted by "Musachy Barroso (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/struts/browse/WW-2893?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=45014#action_45014 ]
Musachy Barroso commented on WW-2893:
-------------------------------------
I agree
> XWorkConverter calling e.printStackTrace() after bad user input
> ---------------------------------------------------------------
>
> Key: WW-2893
> URL: https://issues.apache.org/struts/browse/WW-2893
> Project: Struts 2
> Issue Type: Bug
> Affects Versions: 2.1.2
> Environment: Tomcat 6.0.18
> Reporter: Lucas Nelson
>
> We are getting log output triggered by bad user input from the XWorkConverter#convertValue method - lines 302, 315, 326 in 2.1.2. This can be triggered by having a numeric field and not submitting anything in it, or having a custom converter that throws a TypeConversionException.
> We would have difficulty going into production with bad user input triggering a stack dump in our log files - the frequency of bad input coupled with the computation cost of generating a stack trace, and the log file spam it would generate. Could these printStackTrace() calls please be removed. Perhaps replaced with debug level output.
> IMO having application log output being generated by end-user activity is a problem.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
[jira] Assigned: (WW-2893) XWorkConverter calling
e.printStackTrace() after bad user input
Posted by "Musachy Barroso (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/struts/browse/WW-2893?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Musachy Barroso reassigned WW-2893:
-----------------------------------
Assignee: Musachy Barroso
> XWorkConverter calling e.printStackTrace() after bad user input
> ---------------------------------------------------------------
>
> Key: WW-2893
> URL: https://issues.apache.org/struts/browse/WW-2893
> Project: Struts 2
> Issue Type: Bug
> Affects Versions: 2.1.2
> Environment: Tomcat 6.0.18
> Reporter: Lucas Nelson
> Assignee: Musachy Barroso
>
> We are getting log output triggered by bad user input from the XWorkConverter#convertValue method - lines 302, 315, 326 in 2.1.2. This can be triggered by having a numeric field and not submitting anything in it, or having a custom converter that throws a TypeConversionException.
> We would have difficulty going into production with bad user input triggering a stack dump in our log files - the frequency of bad input coupled with the computation cost of generating a stack trace, and the log file spam it would generate. Could these printStackTrace() calls please be removed. Perhaps replaced with debug level output.
> IMO having application log output being generated by end-user activity is a problem.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.