You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@struts.apache.org by lu...@apache.org on 2016/02/05 09:06:11 UTC
struts git commit: WW-4596 Uses unmodifiable set to avoid changing
allowed methods
Repository: struts
Updated Branches:
refs/heads/master 0cc5fcaaa -> c53c6d8c8
WW-4596 Uses unmodifiable set to avoid changing allowed methods
Project: http://git-wip-us.apache.org/repos/asf/struts/repo
Commit: http://git-wip-us.apache.org/repos/asf/struts/commit/c53c6d8c
Tree: http://git-wip-us.apache.org/repos/asf/struts/tree/c53c6d8c
Diff: http://git-wip-us.apache.org/repos/asf/struts/diff/c53c6d8c
Branch: refs/heads/master
Commit: c53c6d8c8e3c2985dd57b7d7c0e2b30cce85e3e8
Parents: 0cc5fca
Author: Lukasz Lenart <lu...@apache.org>
Authored: Fri Feb 5 09:02:52 2016 +0100
Committer: Lukasz Lenart <lu...@apache.org>
Committed: Fri Feb 5 09:02:52 2016 +0100
----------------------------------------------------------------------
.../com/opensymphony/xwork2/config/entities/PackageConfig.java | 2 +-
.../xwork2/config/providers/XmlConfigurationProvider.java | 6 +++---
2 files changed, 4 insertions(+), 4 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/struts/blob/c53c6d8c/core/src/main/java/com/opensymphony/xwork2/config/entities/PackageConfig.java
----------------------------------------------------------------------
diff --git a/core/src/main/java/com/opensymphony/xwork2/config/entities/PackageConfig.java b/core/src/main/java/com/opensymphony/xwork2/config/entities/PackageConfig.java
index 1e7a4dd..c0e9477 100644
--- a/core/src/main/java/com/opensymphony/xwork2/config/entities/PackageConfig.java
+++ b/core/src/main/java/com/opensymphony/xwork2/config/entities/PackageConfig.java
@@ -519,7 +519,7 @@ public class PackageConfig extends Located implements Comparable, Serializable,
public Set<String> getGlobalAllowedMethods() {
Set <String> allowedMethods = target.globalAllowedMethods;
allowedMethods.addAll(getParentsAllowedMethods(target.parents));
- return allowedMethods;
+ return Collections.unmodifiableSet(allowedMethods);
}
public Set<String> getParentsAllowedMethods(List<PackageConfig> parents) {
http://git-wip-us.apache.org/repos/asf/struts/blob/c53c6d8c/core/src/main/java/com/opensymphony/xwork2/config/providers/XmlConfigurationProvider.java
----------------------------------------------------------------------
diff --git a/core/src/main/java/com/opensymphony/xwork2/config/providers/XmlConfigurationProvider.java b/core/src/main/java/com/opensymphony/xwork2/config/providers/XmlConfigurationProvider.java
index c27f95b..1ea9c3e 100644
--- a/core/src/main/java/com/opensymphony/xwork2/config/providers/XmlConfigurationProvider.java
+++ b/core/src/main/java/com/opensymphony/xwork2/config/providers/XmlConfigurationProvider.java
@@ -859,7 +859,7 @@ public class XmlConfigurationProvider implements ConfigurationProvider {
Set<String> allowedMethods;
if (allowedMethodsEls.getLength() > 0) {
// user defined 'allowed-methods' so used them whatever Strict DMI was enabled or not
- allowedMethods = packageContext.getGlobalAllowedMethods();
+ allowedMethods = new HashSet<>(packageContext.getGlobalAllowedMethods());
if (allowedMethodsEls.getLength() > 0) {
Node n = allowedMethodsEls.item(0).getFirstChild();
@@ -872,14 +872,14 @@ public class XmlConfigurationProvider implements ConfigurationProvider {
}
} else if (packageContext.isStrictMethodInvocation()) {
// user enabled Strict DMI but didn't defined action specific 'allowed-methods' so we use 'global-allowed-methods' only
- allowedMethods = packageContext.getGlobalAllowedMethods();
+ allowedMethods = new HashSet<>(packageContext.getGlobalAllowedMethods());
} else {
// Strict DMI is disabled to any method can be called
allowedMethods = new HashSet<>();
allowedMethods.add(ActionConfig.REGEX_WILDCARD);
}
- return allowedMethods;
+ return Collections.unmodifiableSet(allowedMethods);
}
protected void loadDefaultInterceptorRef(PackageConfig.Builder packageContext, Element element) {