You are viewing a plain text version of this content. The canonical link for it is here.
Posted to issues@struts.apache.org by "ASF subversion and git services (JIRA)" <ji...@apache.org> on 2018/10/22 10:24:01 UTC
[jira] [Commented] (WW-4963) Implement new Aware interfaces that
are using withXxxx pattern instead of setters
[ https://issues.apache.org/jira/browse/WW-4963?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16658841#comment-16658841 ]
ASF subversion and git services commented on WW-4963:
-----------------------------------------------------
Commit 56fc731670167878e6b42fdd3a113e62dc871a1d in struts's branch refs/heads/master from [~lukaszlenart]
[ https://gitbox.apache.org/repos/asf?p=struts.git;h=56fc731 ]
WW-4963 Implements new ParametersAware interface
that uses withParameters instead of setHttpParameters
and cleans up logic a bit
> Implement new Aware interfaces that are using withXxxx pattern instead of setters
> ---------------------------------------------------------------------------------
>
> Key: WW-4963
> URL: https://issues.apache.org/jira/browse/WW-4963
> Project: Struts 2
> Issue Type: Improvement
> Components: Core Actions
> Reporter: Lukasz Lenart
> Assignee: Lukasz Lenart
> Priority: Major
> Fix For: 2.6
>
>
> In matter of security I wonder if we should stop using setters in internal API. Like in {{SessionAware}} interface we use {{setSession()}} and each actions must implement this method. Then we have a logic to avoid mapping incoming values to {{setSession()}} to permit injecting values into Session.
> Instead of {{setSession()}} we can use {{withSession()}} or {{applySession()}} - the same can be applied to any *Aware interface.
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)