ParametersInterceptor.java

lukaszlenart Mon, 21 Oct 2013 03:51:20 -0700

Author: lukaszlenart
Date: Mon Oct 21 10:49:52 2013
New Revision: 1534089

URL: http://svn.apache.org/r1534089
Log:
WW-4023 Adds action: and method: prefixes to excludeParams list and changes 
order to first check for excludeParams and then for acceptedParams in 
ParametersInterceptor


Modified:
    struts/struts2/trunk/core/src/main/resources/struts-default.xml
    
struts/struts2/trunk/xwork-core/src/main/java/com/opensymphony/xwork2/interceptor/ParametersInterceptor.java

Modified: struts/struts2/trunk/core/src/main/resources/struts-default.xml
URL: 
http://svn.apache.org/viewvc/struts/struts2/trunk/core/src/main/resources/struts-default.xml?rev=1534089&r1=1534088&r2=1534089&view=diff
==============================================================================
--- struts/struts2/trunk/core/src/main/resources/struts-default.xml (original)
+++ struts/struts2/trunk/core/src/main/resources/struts-default.xml Mon Oct 21 
10:49:52 2013
@@ -251,7 +251,7 @@
                 <interceptor-ref name="checkbox"/>
                 <interceptor-ref name="multiselect"/>
                 <interceptor-ref name="params">
-                    <param 
name="excludeParams">dojo\..*,^struts\..*,^session\..*,^request\..*,^application\..*,^servlet(Request|Response)\..*,parameters\...*</param>
+                    <param 
name="excludeParams">^dojo\..*,^struts\..*,^session\..*,^request\..*,^application\..*,^servlet(Request|Response)\..*,^parameters\..*,^action:.*,^method:.*</param>
                 </interceptor-ref>
                 <interceptor-ref name="servletConfig"/>
                 <interceptor-ref name="prepare"/>
@@ -261,7 +261,7 @@
                 <interceptor-ref name="staticParams"/>
                 <interceptor-ref name="actionMappingParams"/>
                 <interceptor-ref name="params">
-                    <param 
name="excludeParams">dojo\..*,^struts\..*,^session\..*,^request\..*,^application\..*,^servlet(Request|Response)\..*,parameters\...*</param>
+                    <param 
name="excludeParams">^dojo\..*,^struts\..*,^session\..*,^request\..*,^application\..*,^servlet(Request|Response)\..*,^parameters\..*,^action:.*,^method:.*</param>
                 </interceptor-ref>
                 <interceptor-ref name="conversionError"/>
                 <interceptor-ref name="validation">
@@ -298,7 +298,7 @@
                 <interceptor-ref name="staticParams"/>
                 <interceptor-ref name="actionMappingParams"/>
                 <interceptor-ref name="params">
-                    <param 
name="excludeParams">dojo\..*,^struts\..*,^session\..*,^request\..*,^application\..*,^servlet(Request|Response)\..*,parameters\...*</param>
+                    <param 
name="excludeParams">^dojo\..*,^struts\..*,^session\..*,^request\..*,^application\..*,^servlet(Request|Response)\..*,^parameters\..*,^action:.*,^method:.*</param>
                 </interceptor-ref>
                 <interceptor-ref name="conversionError"/>
                 <interceptor-ref name="validation">

Modified: 
struts/struts2/trunk/xwork-core/src/main/java/com/opensymphony/xwork2/interceptor/ParametersInterceptor.java
URL: 
http://svn.apache.org/viewvc/struts/struts2/trunk/xwork-core/src/main/java/com/opensymphony/xwork2/interceptor/ParametersInterceptor.java?rev=1534089&r1=1534088&r2=1534089&view=diff
==============================================================================
--- 
struts/struts2/trunk/xwork-core/src/main/java/com/opensymphony/xwork2/interceptor/ParametersInterceptor.java
 (original)
+++ 
struts/struts2/trunk/xwork-core/src/main/java/com/opensymphony/xwork2/interceptor/ParametersInterceptor.java
 Mon Oct 21 10:49:52 2013
@@ -144,8 +144,7 @@ public class ParametersInterceptor exten
     private boolean devMode = false;
 
     // Allowed names of parameters
-    private String acceptedParamNames = ACCEPTED_PARAM_NAMES;
-    private Pattern acceptedPattern = Pattern.compile(acceptedParamNames);
+    private Pattern acceptedPattern = Pattern.compile(ACCEPTED_PARAM_NAMES);
 
     private ValueStackFactory valueStackFactory;
 
@@ -389,7 +388,7 @@ public class ParametersInterceptor exten
     }
 
     protected boolean acceptableName(String name) {
-        boolean accepted = isWithinLengthLimit(name) && isAccepted(name) && 
!isExcluded(name);
+        boolean accepted = isWithinLengthLimit(name) && !isExcluded(name) && 
isAccepted(name);
         if (devMode && accepted) { // notify only when in devMode
             LOG.debug("Parameter [#0] was accepted and will be appended to 
action!", name);
         }

svn commit: r1534089 - in /struts/struts2/trunk: core/src/main/resources/struts-default.xml xwork-core/src/main/java/com/opensymphony/xwork2/interceptor/ParametersInterceptor.java

Reply via email to