[ http://issues.apache.org/jira/browse/MYFACES-673?page=all ]
Ramon Casha updated MYFACES-673:
--------------------------------
Attachment: ExtFilter4All.patch
This patch file alters ExtensionsFilter.java and AddResource.java to allow the
facilities of the extensions filter in loading resources to be used by classes
not in the myfaces package, while retaining the security precautions. This
patch allows a new context-param, "org.apache.myfaces.AuthorisedPackages" to be
added to the web.xml file. This param should contain a comma-separated list of
package names from which resources can be added. The MyFaces custom-controls
package is included implicitly. Otherwise it works the same - namely that
resources to be added need to be in a subdirectory "resources" of the component
class itself.
> Allow Extensions Filter's facilities to be used by non-myfaces packages
> -----------------------------------------------------------------------
>
> Key: MYFACES-673
> URL: http://issues.apache.org/jira/browse/MYFACES-673
> Project: MyFaces
> Type: Wish
> Versions: Nightly
> Reporter: Ramon Casha
> Attachments: ExtFilter4All.patch
>
> The facilities offered by MyFaces' extensions filter, such as serving
> resources, could be very useful to authors of other custom components. It
> currently restricts itself (for security reasons) to classes under the
> org.apache.myfaces.custom package, but this could be parameterised, for
> instance adding a list of other "authorised" packages as init-params in the
> web.xml file.
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators:
http://issues.apache.org/jira/secure/Administrators.jspa
-
For more information on JIRA, see:
http://www.atlassian.com/software/jira
