.....not sure.
I checked on my dev server, on 2.5, and it does not seem to call the
SecurityMemberAccess isAccessible method, will try and trace back to see
why its being called only on 2.3.25
On 14 March 2016 at 08:39, Lukasz Lenart <lukaszlenart@apache.org> wrote:
> 2016-03-14 9:30 GMT+01:00 Greg Huber <gregh3269@gmail.com>:
> > Its checking
> >
> > bean.address.longitude.doubleValue() >>> class java.lang.Double
> >
> > in
> >
> > com.opensymphony.xwork2.ognl.SecurityMemberAccess
> >
> > method
> > isPackageExcluded(...)
> >
> > for (String packageName: excludedPackageNames) {
> > if (targetPackageName.startsWith(packageName) ||
> > targetPackageName.equals(packageName)
> > || memberPackageName.startsWith(packageName) ||
> > memberPackageName.equals(packageName)) {
> > return true;
> > }
> > }
> >
> >
> > packageName == java.lang
> > excludedPackageNames == [java.lang, ognl, javax]
> >
> > So where does the excludedPackageNames come from??
>
> It's here https://issues.apache.org/jira/browse/WW-4575
> There is a unittest for primitive int, adding the same for double, though
>
>
> Regards
> --
> Ćukasz
> + 48 606 323 122 http://www.lenart.org.pl/
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: dev-unsubscribe@struts.apache.org
> For additional commands, e-mail: dev-help@struts.apache.org
>
>
|