struts-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "zhouyanming (JIRA)" <j...@apache.org>
Subject [jira] [Comment Edited] (WW-4540) Enable Strict DMI by default
Date Tue, 13 Oct 2015 05:04:06 GMT

    [ https://issues.apache.org/jira/browse/WW-4540?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14954375#comment-14954375
] 

zhouyanming edited comment on WW-4540 at 10/13/15 5:03 AM:
-----------------------------------------------------------

setter/getter must be designed to ensure safety, getter method is readonly will not change
server state, setter method can always invoked by queryString, setter can not invoked by DMI,
action method should be {code:java}public String method( ){code}, only String getter can be
invoked.


was (Author: quaff):
setter/getter must be designed to ensure safety, getter method is readonly will not change
server state, setter method can always invoked by queryString.

> Enable Strict DMI by default
> ----------------------------
>
>                 Key: WW-4540
>                 URL: https://issues.apache.org/jira/browse/WW-4540
>             Project: Struts 2
>          Issue Type: Improvement
>          Components: Core Actions
>            Reporter: Lukasz Lenart
>            Assignee: Lukasz Lenart
>             Fix For: 2.5
>
>
> Struts 2 already supports {{Strict DMI}} but it's disabled by default. {{Strict DMI}}
should be always enable to allow access only specific methods.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

Mime
View raw message