You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@struts.apache.org by lu...@apache.org on 2016/04/20 08:22:12 UTC
[1/5] struts git commit: Upgrades OGNL
Repository: struts
Updated Branches:
refs/heads/support-2-3 cbae13a6a -> deefeffd1
Upgrades OGNL
Project: http://git-wip-us.apache.org/repos/asf/struts/repo
Commit: http://git-wip-us.apache.org/repos/asf/struts/commit/d36f31b3
Tree: http://git-wip-us.apache.org/repos/asf/struts/tree/d36f31b3
Diff: http://git-wip-us.apache.org/repos/asf/struts/diff/d36f31b3
Branch: refs/heads/support-2-3
Commit: d36f31b3e1a65c619b1cbaf743baa3efc66168be
Parents: cbae13a
Author: Lukasz Lenart <lu...@apache.org>
Authored: Tue Apr 19 14:21:53 2016 +0200
Committer: Lukasz Lenart <lu...@apache.org>
Committed: Wed Apr 20 08:00:53 2016 +0200
----------------------------------------------------------------------
pom.xml | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/struts/blob/d36f31b3/pom.xml
----------------------------------------------------------------------
diff --git a/pom.xml b/pom.xml
index 9a02482..c465aaf 100644
--- a/pom.xml
+++ b/pom.xml
@@ -86,7 +86,7 @@
<properties>
<currentVersion>${project.version}</currentVersion>
<struts2.springPlatformVersion>3.0.5.RELEASE</struts2.springPlatformVersion>
- <ognl.version>3.0.13</ognl.version>
+ <ognl.version>3.0.14</ognl.version>
<asm.version>3.3</asm.version>
<asm5.version>5.0.2</asm5.version>
<tiles.version>2.2.2</tiles.version>
[2/5] struts git commit: Uses isSequence flag to block chained
expressions
Posted by lu...@apache.org.
Uses isSequence flag to block chained expressions
Project: http://git-wip-us.apache.org/repos/asf/struts/repo
Commit: http://git-wip-us.apache.org/repos/asf/struts/commit/5190b536
Tree: http://git-wip-us.apache.org/repos/asf/struts/tree/5190b536
Diff: http://git-wip-us.apache.org/repos/asf/struts/diff/5190b536
Branch: refs/heads/support-2-3
Commit: 5190b53673a710ead31bbb5f82cf4ca171994629
Parents: d36f31b
Author: Lukasz Lenart <lu...@apache.org>
Authored: Mon Apr 18 20:38:27 2016 +0200
Committer: Lukasz Lenart <lu...@apache.org>
Committed: Wed Apr 20 08:01:02 2016 +0200
----------------------------------------------------------------------
.../java/com/opensymphony/xwork2/ognl/OgnlUtil.java | 6 +++---
.../com/opensymphony/xwork2/ognl/OgnlUtilTest.java | 15 +++++++++++++++
2 files changed, 18 insertions(+), 3 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/struts/blob/5190b536/xwork-core/src/main/java/com/opensymphony/xwork2/ognl/OgnlUtil.java
----------------------------------------------------------------------
diff --git a/xwork-core/src/main/java/com/opensymphony/xwork2/ognl/OgnlUtil.java b/xwork-core/src/main/java/com/opensymphony/xwork2/ognl/OgnlUtil.java
index eade684..40d112b 100644
--- a/xwork-core/src/main/java/com/opensymphony/xwork2/ognl/OgnlUtil.java
+++ b/xwork-core/src/main/java/com/opensymphony/xwork2/ognl/OgnlUtil.java
@@ -288,7 +288,7 @@ public class OgnlUtil {
compileAndExecute(name, context, new OgnlTask<Void>() {
public Void execute(Object tree) throws OgnlException {
if (isEvalExpression(tree, context)) {
- throw new OgnlException("Eval expression cannot be used as parameter name");
+ throw new OgnlException("Eval expression/chained expressions cannot be used as parameter name");
}
Ognl.setValue(tree, context, root, value);
return null;
@@ -304,7 +304,7 @@ public class OgnlUtil {
if (context!=null && context instanceof OgnlContext) {
ognlContext = (OgnlContext) context;
}
- return node.isEvalChain(ognlContext);
+ return node.isEvalChain(ognlContext) || node.isSequence(ognlContext);
}
return false;
}
@@ -361,7 +361,7 @@ public class OgnlUtil {
private void checkEnableEvalExpression(Object tree, Map<String, Object> context) throws OgnlException {
if (!enableEvalExpression && isEvalExpression(tree, context)) {
- throw new OgnlException("Eval expressions has been disabled!");
+ throw new OgnlException("Eval expressions/chained expressions have been disabled!");
}
}
http://git-wip-us.apache.org/repos/asf/struts/blob/5190b536/xwork-core/src/test/java/com/opensymphony/xwork2/ognl/OgnlUtilTest.java
----------------------------------------------------------------------
diff --git a/xwork-core/src/test/java/com/opensymphony/xwork2/ognl/OgnlUtilTest.java b/xwork-core/src/test/java/com/opensymphony/xwork2/ognl/OgnlUtilTest.java
index 96daab0..a0d3f2b 100644
--- a/xwork-core/src/test/java/com/opensymphony/xwork2/ognl/OgnlUtilTest.java
+++ b/xwork-core/src/test/java/com/opensymphony/xwork2/ognl/OgnlUtilTest.java
@@ -750,6 +750,21 @@ public class OgnlUtilTest extends XWorkTestCase {
assertEquals(expected.getMessage(), "Method \"getRuntime\" failed for object class java.lang.Runtime");
}
+ public void testBlockSequenceOfExpressions() throws Exception {
+ Foo foo = new Foo();
+
+ Exception expected = null;
+ try {
+ ognlUtil.setValue("#booScope=@myclass@DEFAULT_SCOPE,#bootScope.init()", ognlUtil.createDefaultContext(foo), foo, true);
+ fail();
+ } catch (OgnlException e) {
+ expected = e;
+ }
+ assertNotNull(expected);
+ assertSame(OgnlException.class, expected.getClass());
+ assertEquals(expected.getMessage(), "Eval expressions/chained expressions have been disabled!");
+ }
+
public static class Email {
String address;
[3/5] struts git commit: Adds additional blocked classes
Posted by lu...@apache.org.
Adds additional blocked classes
Project: http://git-wip-us.apache.org/repos/asf/struts/repo
Commit: http://git-wip-us.apache.org/repos/asf/struts/commit/46517afb
Tree: http://git-wip-us.apache.org/repos/asf/struts/tree/46517afb
Diff: http://git-wip-us.apache.org/repos/asf/struts/diff/46517afb
Branch: refs/heads/support-2-3
Commit: 46517afb1402fbf3fd84089920b43cc07e948a92
Parents: 5190b53
Author: Lukasz Lenart <lu...@apache.org>
Authored: Mon Apr 18 20:38:49 2016 +0200
Committer: Lukasz Lenart <lu...@apache.org>
Committed: Wed Apr 20 08:01:12 2016 +0200
----------------------------------------------------------------------
core/src/main/resources/struts-default.xml | 2 ++
1 file changed, 2 insertions(+)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/struts/blob/46517afb/core/src/main/resources/struts-default.xml
----------------------------------------------------------------------
diff --git a/core/src/main/resources/struts-default.xml b/core/src/main/resources/struts-default.xml
index 441ae54..3686c20 100644
--- a/core/src/main/resources/struts-default.xml
+++ b/core/src/main/resources/struts-default.xml
@@ -50,6 +50,8 @@
ognl.OgnlContext,
ognl.ClassResolver,
ognl.TypeConverter,
+ ognl.MemberAccess,
+ ognl.DefaultMemberAccess,
com.opensymphony.xwork2.ognl.SecurityMemberAccess,
com.opensymphony.xwork2.ActionContext" />
[4/5] struts git commit: Drops defining location via request
Posted by lu...@apache.org.
Drops defining location via request
Project: http://git-wip-us.apache.org/repos/asf/struts/repo
Commit: http://git-wip-us.apache.org/repos/asf/struts/commit/98d2692e
Tree: http://git-wip-us.apache.org/repos/asf/struts/tree/98d2692e
Diff: http://git-wip-us.apache.org/repos/asf/struts/diff/98d2692e
Branch: refs/heads/support-2-3
Commit: 98d2692e434fe7f4d445ade24fe2c9860de1c13f
Parents: 46517af
Author: Lukasz Lenart <lu...@apache.org>
Authored: Mon Apr 18 20:39:05 2016 +0200
Committer: Lukasz Lenart <lu...@apache.org>
Committed: Wed Apr 20 08:01:22 2016 +0200
----------------------------------------------------------------------
.../main/java/org/apache/struts2/views/xslt/XSLTResult.java | 7 +------
1 file changed, 1 insertion(+), 6 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/struts/blob/98d2692e/core/src/main/java/org/apache/struts2/views/xslt/XSLTResult.java
----------------------------------------------------------------------
diff --git a/core/src/main/java/org/apache/struts2/views/xslt/XSLTResult.java b/core/src/main/java/org/apache/struts2/views/xslt/XSLTResult.java
index 7c3dd77..e703325 100644
--- a/core/src/main/java/org/apache/struts2/views/xslt/XSLTResult.java
+++ b/core/src/main/java/org/apache/struts2/views/xslt/XSLTResult.java
@@ -448,12 +448,7 @@ public class XSLTResult implements Result {
ServletActionContext.getServletContext());
}
- protected Templates getTemplates(String path) throws TransformerException, IOException {
- String pathFromRequest = ServletActionContext.getRequest().getParameter("xslt.location");
-
- if (pathFromRequest != null)
- path = pathFromRequest;
-
+ protected Templates getTemplates(final String path) throws TransformerException, IOException {
if (path == null)
throw new TransformerException("Stylesheet path is null");
[5/5] struts git commit: Cleans up method name
Posted by lu...@apache.org.
Cleans up method name
Project: http://git-wip-us.apache.org/repos/asf/struts/repo
Commit: http://git-wip-us.apache.org/repos/asf/struts/commit/deefeffd
Tree: http://git-wip-us.apache.org/repos/asf/struts/tree/deefeffd
Diff: http://git-wip-us.apache.org/repos/asf/struts/diff/deefeffd
Branch: refs/heads/support-2-3
Commit: deefeffd11425f0cd0b797cd86a9b3550234262b
Parents: 98d2692
Author: Lukasz Lenart <lu...@apache.org>
Authored: Tue Apr 19 08:25:28 2016 +0200
Committer: Lukasz Lenart <lu...@apache.org>
Committed: Wed Apr 20 08:01:29 2016 +0200
----------------------------------------------------------------------
.../struts2/dispatcher/mapper/DefaultActionMapper.java | 8 ++++----
1 file changed, 4 insertions(+), 4 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/struts/blob/deefeffd/core/src/main/java/org/apache/struts2/dispatcher/mapper/DefaultActionMapper.java
----------------------------------------------------------------------
diff --git a/core/src/main/java/org/apache/struts2/dispatcher/mapper/DefaultActionMapper.java b/core/src/main/java/org/apache/struts2/dispatcher/mapper/DefaultActionMapper.java
index a7a1a69..024e2d3 100644
--- a/core/src/main/java/org/apache/struts2/dispatcher/mapper/DefaultActionMapper.java
+++ b/core/src/main/java/org/apache/struts2/dispatcher/mapper/DefaultActionMapper.java
@@ -136,7 +136,7 @@ public class DefaultActionMapper implements ActionMapper {
put(METHOD_PREFIX, new ParameterAction() {
public void execute(String key, ActionMapping mapping) {
if (allowDynamicMethodCalls) {
- mapping.setMethod(key.substring(METHOD_PREFIX.length()));
+ mapping.setMethod(cleanupActionName(key.substring(METHOD_PREFIX.length())));
}
}
});
@@ -148,7 +148,7 @@ public class DefaultActionMapper implements ActionMapper {
if (allowDynamicMethodCalls) {
int bang = name.indexOf('!');
if (bang != -1) {
- String method = name.substring(bang + 1);
+ String method = cleanupActionName(name.substring(bang + 1));
mapping.setMethod(method);
name = name.substring(0, bang);
}
@@ -385,7 +385,7 @@ public class DefaultActionMapper implements ActionMapper {
return rawActionName;
} else {
if (LOG.isWarnEnabled()) {
- LOG.warn("Action [#0] does not match allowed action names pattern [#1], cleaning it up!",
+ LOG.warn("Action/method [#0] does not match allowed action names pattern [#1], cleaning it up!",
rawActionName, allowedActionNames);
}
String cleanActionName = rawActionName;
@@ -393,7 +393,7 @@ public class DefaultActionMapper implements ActionMapper {
cleanActionName = cleanActionName.replace(chunk, "");
}
if (LOG.isDebugEnabled()) {
- LOG.debug("Cleaned action name [#0]", cleanActionName);
+ LOG.debug("Cleaned action/method name [#0]", cleanActionName);
}
return cleanActionName;
}