Return-Path: X-Original-To: archive-asf-public-internal@cust-asf2.ponee.io Delivered-To: archive-asf-public-internal@cust-asf2.ponee.io Received: from cust-asf.ponee.io (cust-asf.ponee.io [163.172.22.183]) by cust-asf2.ponee.io (Postfix) with ESMTP id B9427200C4C for ; Mon, 20 Mar 2017 08:05:19 +0100 (CET) Received: by cust-asf.ponee.io (Postfix) id B7F44160B92; Mon, 20 Mar 2017 07:05:19 +0000 (UTC) Delivered-To: archive-asf-public@cust-asf.ponee.io Received: from mail.apache.org (hermes.apache.org [140.211.11.3]) by cust-asf.ponee.io (Postfix) with SMTP id 15D21160B76 for ; Mon, 20 Mar 2017 08:05:18 +0100 (CET) Received: (qmail 93007 invoked by uid 500); 20 Mar 2017 07:05:17 -0000 Mailing-List: contact commits-help@struts.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Reply-To: dev@struts.apache.org Delivered-To: mailing list commits@struts.apache.org Received: (qmail 91631 invoked by uid 99); 20 Mar 2017 07:05:16 -0000 Received: from git1-us-west.apache.org (HELO git1-us-west.apache.org) (140.211.11.23) by apache.org (qpsmtpd/0.29) with ESMTP; Mon, 20 Mar 2017 07:05:16 +0000 Received: by git1-us-west.apache.org (ASF Mail Server at git1-us-west.apache.org, from userid 33) id 7AADDF217C; Mon, 20 Mar 2017 07:05:16 +0000 (UTC) Content-Type: text/plain; charset="us-ascii" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit From: lukaszlenart@apache.org To: commits@struts.apache.org Date: Mon, 20 Mar 2017 07:05:25 -0000 Message-Id: <770bba940217488b895a2f71069456ae@git.apache.org> In-Reply-To: References: X-Mailer: ASF-Git Admin Mailer Subject: [10/13] struts-extras git commit: Adds constructor with proper log information about resolves vulnerabilities archived-at: Mon, 20 Mar 2017 07:05:19 -0000 Adds constructor with proper log information about resolves vulnerabilities Project: http://git-wip-us.apache.org/repos/asf/struts-extras/repo Commit: http://git-wip-us.apache.org/repos/asf/struts-extras/commit/9eafdc5f Tree: http://git-wip-us.apache.org/repos/asf/struts-extras/tree/9eafdc5f Diff: http://git-wip-us.apache.org/repos/asf/struts-extras/diff/9eafdc5f Branch: refs/heads/master Commit: 9eafdc5fd6810d8b2387c0b9c0cf42d0ca735d0f Parents: ef4bd11 Author: Lukasz Lenart Authored: Mon Mar 20 07:42:15 2017 +0100 Committer: Lukasz Lenart Committed: Mon Mar 20 07:42:15 2017 +0100 ---------------------------------------------------------------------- .../struts/extras/SecureJakartaStreamMultiPartRequest.java | 5 +++++ 1 file changed, 5 insertions(+) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/struts-extras/blob/9eafdc5f/struts2-secure-jakarta-stream-multipart-parser-plugin/src/main/java/org/apache/struts/extras/SecureJakartaStreamMultiPartRequest.java ---------------------------------------------------------------------- diff --git a/struts2-secure-jakarta-stream-multipart-parser-plugin/src/main/java/org/apache/struts/extras/SecureJakartaStreamMultiPartRequest.java b/struts2-secure-jakarta-stream-multipart-parser-plugin/src/main/java/org/apache/struts/extras/SecureJakartaStreamMultiPartRequest.java index 3acc55d..cbc06f9 100644 --- a/struts2-secure-jakarta-stream-multipart-parser-plugin/src/main/java/org/apache/struts/extras/SecureJakartaStreamMultiPartRequest.java +++ b/struts2-secure-jakarta-stream-multipart-parser-plugin/src/main/java/org/apache/struts/extras/SecureJakartaStreamMultiPartRequest.java @@ -91,6 +91,11 @@ public class SecureJakartaStreamMultiPartRequest implements MultiPartRequest { */ private Locale defaultLocale = Locale.ENGLISH; + public SecureJakartaStreamMultiPartRequest() { + LOG.info("This is a secure implementation of the Struts Jakarta Stream Multipart parser, " + + "this implementation is safe against vulnerability described in the S2-045/S2-046 Security Bulletins."); + } + /** * Injects the Struts multiple part maximum size. *