struts-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "ASF GitHub Bot (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (WW-4983) Set private access modifier for HttpParameters.toMap
Date Mon, 19 Nov 2018 19:08:00 GMT

    [ https://issues.apache.org/jira/browse/WW-4983?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16692133#comment-16692133
] 

ASF GitHub Bot commented on WW-4983:
------------------------------------

sepe81 opened a new pull request #276: WW-4983 Set private access modifier for HttpParameters.toMap
URL: https://github.com/apache/struts/pull/276
 
 
   This method can be potentially dangerous as it allows access to raw
   parameter values.

----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on GitHub and use the
URL above to go to the specific comment.
 
For queries about this service, please contact Infrastructure at:
users@infra.apache.org


> Set private access modifier for HttpParameters.toMap
> ----------------------------------------------------
>
>                 Key: WW-4983
>                 URL: https://issues.apache.org/jira/browse/WW-4983
>             Project: Struts 2
>          Issue Type: Task
>          Components: Core
>            Reporter: Sebastian Peters
>            Priority: Minor
>              Labels: easyfix, security
>             Fix For: 2.6
>
>
> As stated in WW-4710 by [~lukaszlenart] this method can be potentially dangerous as it
allows access to raw parameter values. It should only be used internally.



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)

Mime
View raw message