From commits-return-18308-archive-asf-public=cust-asf.ponee.io@struts.apache.org Thu Jan 31 15:39:42 2019 Return-Path: X-Original-To: archive-asf-public@cust-asf.ponee.io Delivered-To: archive-asf-public@cust-asf.ponee.io Received: from mail.apache.org (hermes.apache.org [140.211.11.3]) by mx-eu-01.ponee.io (Postfix) with SMTP id 7CC2C180648 for ; Thu, 31 Jan 2019 16:39:41 +0100 (CET) Received: (qmail 26366 invoked by uid 500); 31 Jan 2019 15:39:40 -0000 Mailing-List: contact commits-help@struts.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Reply-To: dev@struts.apache.org Delivered-To: mailing list commits@struts.apache.org Received: (qmail 26357 invoked by uid 99); 31 Jan 2019 15:39:40 -0000 Received: from ec2-52-202-80-70.compute-1.amazonaws.com (HELO gitbox.apache.org) (52.202.80.70) by apache.org (qpsmtpd/0.29) with ESMTP; Thu, 31 Jan 2019 15:39:40 +0000 Received: by gitbox.apache.org (ASF Mail Server at gitbox.apache.org, from userid 33) id 1586F85746; Thu, 31 Jan 2019 15:39:40 +0000 (UTC) Date: Thu, 31 Jan 2019 15:39:39 +0000 To: "commits@struts.apache.org" Subject: [struts] branch master updated (14c4c52 -> efd5a7c) MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit Message-ID: <154894917963.7520.7249645198150308162@gitbox.apache.org> From: amashchenko@apache.org X-Git-Host: gitbox.apache.org X-Git-Repo: struts X-Git-Refname: refs/heads/master X-Git-Reftype: branch X-Git-Oldrev: 14c4c52be966054bb384a5e8058511a3fe88ff37 X-Git-Newrev: efd5a7c7abc0231bb0a96daab5fcde19916f5fa9 X-Git-NotificationType: ref_changed X-Git-Multimail-Version: 1.5.dev Auto-Submitted: auto-generated This is an automated email from the ASF dual-hosted git repository. amashchenko pushed a change to branch master in repository https://gitbox.apache.org/repos/asf/struts.git. from 14c4c52 Excludes Jenkinsfile from license check new 925eb62 Fix for access issue for 2.6 discovered in WW-5004 (2nd amended commit): - Restored ability to access public static fields (true by default). - Introduced a boolean configuration flag (allowStaticFieldAccess). - Replaced one remaining Boolean.parseBoolean() conversion in OgnlUtil use BooleanUtils.toBoolean(). - Enhanced unit tests to confirm proper operation of the fix. - Replicating L. Lenart's change in PR#317: - Removed injection parameter for setAllowStaticMethodAc [...] new 64bd12b Fix for access issue for 2.6 discovered in WW-5004 (Minor update to previous commit): - Restored ability to access public static fields (true by default). - Introduced a boolean configuration flag (allowStaticFieldAccess). - Replaced one remaining Boolean.parseBoolean() conversion in OgnlUtil use BooleanUtils.toBoolean(). - Enhanced unit tests to confirm proper operation of the fix. - Replicating L. Lenart's change in PR#317: - Removed injection parameter for setAllowS [...] new efd5a7c Merge pull request #320 from JCgH4164838Gh792C124B5/localS2_26x_B2 The 5613 revisions listed above as "new" are entirely new to this repository and will be described in separate emails. The revisions listed as "add" were already present in the repository and have only been added to this reference. Summary of changes: .../providers/XWorkConfigurationProvider.java | 1 + .../com/opensymphony/xwork2/ognl/OgnlUtil.java | 10 +- .../opensymphony/xwork2/ognl/OgnlValueStack.java | 19 +-- .../xwork2/ognl/OgnlValueStackFactory.java | 32 +++- .../xwork2/ognl/SecurityMemberAccess.java | 69 +++++++-- .../java/org/apache/struts2/StrutsConstants.java | 3 + .../interceptor/ParametersInterceptorTest.java | 2 +- .../com/opensymphony/xwork2/ognl/OgnlUtilTest.java | 166 ++++++++++++++++++++- .../xwork2/ognl/OgnlValueStackTest.java | 10 +- .../xwork2/ognl/SecurityMemberAccessProxyTest.java | 4 +- .../xwork2/ognl/SecurityMemberAccessTest.java | 154 +++++++++++++++---- .../xwork2/ognl/SetPropertiesTest.java | 2 +- .../struts2/result/ServletRedirectResultTest.java | 2 +- .../util/SecurityMemberAccessInServletsTest.java | 4 +- ...-false.xml => xwork-test-staticfield-false.xml} | 1 + ...e-false.xml => xwork-test-staticfield-true.xml} | 1 + 16 files changed, 404 insertions(+), 76 deletions(-) copy core/src/test/resources/com/opensymphony/xwork2/config/providers/{xwork-test-allowstatic-devmode-false.xml => xwork-test-staticfield-false.xml} (98%) copy core/src/test/resources/com/opensymphony/xwork2/config/providers/{xwork-test-allowstatic-devmode-false.xml => xwork-test-staticfield-true.xml} (98%)