A strong +1 to your recommendations.There were several commits in the OFBiz core recently which were not properly discussed before they were committed. We should avoid this.
People should have in mind that other committers might not have the time to review, think and discuss these patches in the course of a few days. These things are not urgent and can take their time.
Thanks and regards, Michael Am 28.06.18 um 09:15 schrieb Taher Alkhateeb:
A few comments: 1- I would suggest to try and avoid in the future committing any design changes to the framework without discussing it properly in the mailing list first 2- I think it would be better to revert this work. I noticed in the JIRA for example that Mathieu Lirzin asked for some time to review his work when you just committed his work without checking what he wanted to do, and he later provided refactoring patches. 3- I would recommend providing a summary of what you want to commit. The commit was too long and I don't want to read line-by-line everything in the code to understand what was achieved. Let's first discuss in here what is being done, agree on the general direction, and THEN apply a commit. Those are my recommendations, and I don't know about the rest of the folks opinion here so I invite everyone else to have their input. On Thu, Jun 28, 2018 at 6:46 AM, Shi Jinghai <huaru...@hotmail.com> wrote:Hi all, Thanks Jacques, Taher and Nicolas mentioned our community rule, "a proper discussion". I created an issue "Add method attribute to request-map to controll a uri can be called GET or POST only" a week ago: https://issues.apache.org/jira/browse/OFBIZ-10438 Thanks Mathieu, he submitted his patches very quickly while I was preparing mine. I tested them and submitted to trunk. Please be aware, the latest versions are r1834465 and r1834570, and the implement requires JDK 1.8. Is the implement acceptable for trunk? Further improvement to do? Would we backport it to releases? If it's not acceptable, I'll revert the implement. Kind Regards, Shi Jinghai -----邮件原件----- 发件人: Paul Foxworthy [mailto:p...@cohsoft.com.au] 发送时间: 2018年6月26日 19:31 收件人: dev@ofbiz.apache.org 主题: Re: svn commit: r1834389 - in /ofbiz/ofbiz-framework/trunk/framework: base/src/main/java/org/apache/ofbiz/base/util/collections/ webapp/config/ webapp/dtd/ webapp/src/main/java/org/apache/ofbiz/webapp/control/ webapp/src/test/java/org/apache/ofbiz/weba... On 26 June 2018 at 17:58, Taher Alkhateeb <slidingfilame...@gmail.com> wrote:I could be mistaken, but this seems like a very major change that did not have a thorough and proper discussion at the mailing list? I would rather at least have an explanation of what was committed and to discuss the merits and cons of the implementation.Hi all, I haven't found the specific issue, but wasn't there a major change several years ago from GET to POST to help guard against XSS attacks? Cheers Paul Foxworthy -- Coherent Software Australia Pty Ltd PO Box 2773 Cheltenham Vic 3192 Australia Phone: +61 3 9585 6788 Web: http://www.coherentsoftware.com.au/ Email: i...@coherentsoftware.com.au
smime.p7s
Description: S/MIME Cryptographic Signature
