struts-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Greg Huber <gregh3...@gmail.com>
Subject Re: Struts 2.3.25
Date Mon, 14 Mar 2016 08:30:35 GMT
Its checking

bean.address.longitude.doubleValue() >>> class java.lang.Double

in

com.opensymphony.xwork2.ognl.SecurityMemberAccess

method
isPackageExcluded(...)

for (String packageName: excludedPackageNames) {
            if (targetPackageName.startsWith(packageName) ||
targetPackageName.equals(packageName)
                    || memberPackageName.startsWith(packageName) ||
memberPackageName.equals(packageName)) {
                return true;
            }
        }


packageName == java.lang
excludedPackageNames == [java.lang, ognl, javax]

So where does the excludedPackageNames come from??


On 14 March 2016 at 08:21, Lukasz Lenart <lukaszlenart@apache.org> wrote:

> 2016-03-14 8:46 GMT+01:00 Greg Huber <gregh3269@gmail.com>:
> > Sorry, missed this further up the log
> >
> > .....which is our double
> >
> > com.opensymphony.xwork2.ognl.SecurityMemberAccess CommonsLogger:warn -
> > Package of target [51.466173] or package of member [public double
> > java.lang.Double.doubleValue()] are excluded!
> >
> > !( (bean.address.latitude.doubleValue() == 0) and
> > (bean.address.longitude.doubleValue() > 0)
> >              || (bean.address.latitude.doubleValue() > 0) and
> > (bean.address.longitude.doubleValue() == 0)
> >           )
>
> WAT?!?
>
>
> Regards
> --
> Ɓukasz
> + 48 606 323 122 http://www.lenart.org.pl/
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: dev-unsubscribe@struts.apache.org
> For additional commands, e-mail: dev-help@struts.apache.org
>
>

Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message