You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@struts.apache.org by dg...@apache.org on 2003/02/04 02:51:48 UTC
cvs commit: jakarta-struts/src/share/org/apache/struts/actions DispatchAction.java
dgraham 2003/02/03 17:51:48
Modified: src/share/org/apache/struts/actions DispatchAction.java
Log:
Added check for null method name to prevent LookupDispatchAction from
crashing when the user hacks the query string. PR# 16678
Revision Changes Path
1.12 +11 -6 jakarta-struts/src/share/org/apache/struts/actions/DispatchAction.java
Index: DispatchAction.java
===================================================================
RCS file: /home/cvs/jakarta-struts/src/share/org/apache/struts/actions/DispatchAction.java,v
retrieving revision 1.11
retrieving revision 1.12
diff -u -r1.11 -r1.12
--- DispatchAction.java 22 Sep 2002 05:58:46 -0000 1.11
+++ DispatchAction.java 4 Feb 2003 01:51:47 -0000 1.12
@@ -7,7 +7,7 @@
*
* The Apache Software License, Version 1.1
*
- * Copyright (c) 1999-2001 The Apache Software Foundation. All rights
+ * Copyright (c) 1999-2003 The Apache Software Foundation. All rights
* reserved.
*
* Redistribution and use in source and binary forms, with or without
@@ -249,7 +249,6 @@
/**
* Dispatch to the specified method.
- * Added to class at Revision 1.3
* @since Struts 1.1
*/
protected ActionForward dispatchMethod(ActionMapping mapping,
@@ -257,6 +256,12 @@
HttpServletRequest request,
HttpServletResponse response,
String name) throws Exception {
+
+ // Make sure we have a valid method name to call.
+ // This may be null if the user hacks the query string.
+ if (name == null) {
+ return this.unspecified(mapping, form, request, response);
+ }
// Identify the method object to be dispatched to
Method method = null;
---------------------------------------------------------------------
To unsubscribe, e-mail: struts-dev-unsubscribe@jakarta.apache.org
For additional commands, e-mail: struts-dev-help@jakarta.apache.org