struts-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "ASF subversion and git services (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (WW-4983) Set private access modifier for HttpParameters.toMap
Date Tue, 20 Nov 2018 11:46:01 GMT

    [ https://issues.apache.org/jira/browse/WW-4983?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16693116#comment-16693116
] 

ASF subversion and git services commented on WW-4983:
-----------------------------------------------------

Commit c10d62209d4ca6502e9d2f056a76a48102ed5e31 in struts's branch refs/heads/master from
[~koelnconcert]
[ https://gitbox.apache.org/repos/asf?p=struts.git;h=c10d622 ]

WW-4983 Set private access modifier for HttpParameters.toMap

This method can be potentially dangerous as it allows access to raw
parameter values.


> Set private access modifier for HttpParameters.toMap
> ----------------------------------------------------
>
>                 Key: WW-4983
>                 URL: https://issues.apache.org/jira/browse/WW-4983
>             Project: Struts 2
>          Issue Type: Task
>          Components: Core
>            Reporter: Sebastian Peters
>            Priority: Minor
>              Labels: easyfix, security
>             Fix For: 2.6
>
>
> As stated in WW-4710 by [~lukaszlenart] this method can be potentially dangerous as it
allows access to raw parameter values. It should only be used internally.



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)

Mime
View raw message