You are viewing a plain text version of this content. The canonical link for it is here.
Posted to issues@struts.apache.org by "ASF GitHub Bot (JIRA)" <ji...@apache.org> on 2019/02/11 15:17:00 UTC
[jira] [Commented] (WW-5012) Make a public state check the first
acceptance check in SecurityMemberAccess
[ https://issues.apache.org/jira/browse/WW-5012?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16765058#comment-16765058 ]
ASF GitHub Bot commented on WW-5012:
------------------------------------
JCgH4164838Gh792C124B5 commented on pull request #324: Back-port WW-5012 improvements from PR#323 to 2.5.x:
URL: https://github.com/apache/struts/pull/324
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
> Make a public state check the first acceptance check in SecurityMemberAccess
> ----------------------------------------------------------------------------
>
> Key: WW-5012
> URL: https://issues.apache.org/jira/browse/WW-5012
> Project: Struts 2
> Issue Type: Improvement
> Components: Core
> Affects Versions: 2.5.20
> Environment: All environments.
> Reporter: James Chaplin
> Priority: Minor
> Labels: performance, security
> Fix For: 2.5.21, 2.6
>
>
> During discussion for WW-5004, a recommendation was made by two Apache Struts Team members to adjust the sequence of calls in the SecurityMemberAccess module.
> The recommendation was to make the member's public state check (e.g. checkPublicMemberAccess()) the absolute first check made during acceptance checks).
> This improvement would look at implementing this change for the access check ordering, and any minor enhancements that are applicable to the ordering change.
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)