struts-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Yasser Zamani (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (WW-4848) The if test can accidently incorrectly assign a new value to an object
Date Fri, 08 Sep 2017 14:59:00 GMT

    [ https://issues.apache.org/jira/browse/WW-4848?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16158750#comment-16158750
] 

Yasser Zamani commented on WW-4848:
-----------------------------------

Wow! fortunately OGNL project is such great which I can resolve this simply as something like
below:

{code:java}
boolean isBooleanExpression(Object tree){
if(tree instanceof ognl.ComparisonExpression) return true; // checks if root is ==, <,
>, <=, >=
if(not (tree instanceof ognl.BooleanExpression)) return false; // checks if root is not ||,
&&, !
boolean ret = true;
for(int i=0;i<tree.childs.length;i++) ret &= isBooleanExpression(tree.childs[i]);
return ret;
}
{code}

then

{code:title=Ognl.java:459|borderStyle=solid}
    public static Object getValue(Object tree, Map context, Object root, Class resultType)
            throws OgnlException
    {
if(resultType.equals(Boolean.class) && ! isBooleanExpression(tree))
throw new OgnlException("assign a new value to an object is not allowed in boolean expressions.You
may accidentally incorrectly have '=' in your expression");
{code}

*For now I just worry about backward compatibility*.

Firstly I prefer to try a pull request on OGNL's project. If not accepted, then I try Struts2.

Any idea or objections?

> The if test can accidently incorrectly assign a new value to an object
> ----------------------------------------------------------------------
>
>                 Key: WW-4848
>                 URL: https://issues.apache.org/jira/browse/WW-4848
>             Project: Struts 2
>          Issue Type: Bug
>            Reporter: Alan Comeau
>            Priority: Minor
>             Fix For: 2.5.14
>
>
> The {{s:if}} tag has the side effect of assigning to an existing object
> if the comparison is badly formed using {{=}} instead of {{==}}
> {code:html}
> <s:if test="user.id = 0">  
>   //at this point the user.id is now 0 not its original value
> </s:if>
> {code}
> even though this is clearly badly formed, the test should not assign anything to the
object



--
This message was sent by Atlassian JIRA
(v6.4.14#64029)

Mime
View raw message