struts-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Don Brown" <mr...@twdata.org>
Subject Re: A session value is overwrited by demanding a browser.
Date Thu, 18 Oct 2007 13:09:43 GMT
For those not following the ticket, I've written unit tests that
verify this is not an issue.  Private variables and protected accessor
methods are not accessed by the ParametersInterceptor, which is the
piece that translates request parameters to method calls.

As always, this is a good time to reiterate that you do need to be
careful what data you expose via public accessor methods on your
Actions.

Don

On 10/18/07, Hisato Killing <hisato.killing@gmail.com> wrote:
> Hello.
>
> I posted this issue to JIRA.
>
> Thank you for your advice, Phil and Jim.
>
> I atached a sample.
> A action named SessionUser has no public getSession(), but this
> problem is caused.
>
> I think that it is necessary to fix this.
>
>
> >>> it seems that Hisato Killing
> >>> (or Tatekura Hisato, who knows? :-) )
>
> I had forgotten introducing oneself.
> My name is Hisato Tatekura. Killing is my handle name it means "samurai slash".
> I live in Tokyo, Japan. And I speek Japanese and Java, so I'm not good
> at English.
>
> Thanks.
>
> --
> Hisato "killing" Tatekura
> hisato.killing@gmail.com
> http://www.gigafield.org/  (Japanese language)
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: dev-unsubscribe@struts.apache.org
> For additional commands, e-mail: dev-help@struts.apache.org
>
>

---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@struts.apache.org
For additional commands, e-mail: dev-help@struts.apache.org


Mime
View raw message