+1 Taher On Thu, Jun 28, 2018 at 2:01 PM Michael Brohl <michael.br...@ecomify.de> wrote:
> A strong +1 to your recommendations. > > There were several commits in the OFBiz core recently which were not > properly discussed before they were committed. We should avoid this. > > People should have in mind that other committers might not have the time > to review, think and discuss these patches in the course of a few days. > These things are not urgent and can take their time. > > Thanks and regards, > > Michael > > > Am 28.06.18 um 09:15 schrieb Taher Alkhateeb: > > A few comments: > > > > 1- I would suggest to try and avoid in the future committing any > > design changes to the framework without discussing it properly in the > > mailing list first > > 2- I think it would be better to revert this work. I noticed in the > > JIRA for example that Mathieu Lirzin asked for some time to review his > > work when you just committed his work without checking what he wanted > > to do, and he later provided refactoring patches. > > 3- I would recommend providing a summary of what you want to commit. > > The commit was too long and I don't want to read line-by-line > > everything in the code to understand what was achieved. Let's first > > discuss in here what is being done, agree on the general direction, > > and THEN apply a commit. > > > > Those are my recommendations, and I don't know about the rest of the > > folks opinion here so I invite everyone else to have their input. > > > > On Thu, Jun 28, 2018 at 6:46 AM, Shi Jinghai <huaru...@hotmail.com> > wrote: > >> Hi all, > >> > >> Thanks Jacques, Taher and Nicolas mentioned our community rule, "a > proper discussion". > >> > >> I created an issue "Add method attribute to request-map to controll a > uri can be called GET or POST only" a week ago: > >> https://issues.apache.org/jira/browse/OFBIZ-10438 > >> > >> Thanks Mathieu, he submitted his patches very quickly while I was > preparing mine. I tested them and submitted to trunk. Please be aware, the > latest versions are r1834465 and r1834570, and the implement requires JDK > 1.8. > >> > >> Is the implement acceptable for trunk? Further improvement to do? Would > we backport it to releases? > >> > >> If it's not acceptable, I'll revert the implement. > >> > >> Kind Regards, > >> > >> Shi Jinghai > >> > >> > >> -----邮件原件----- > >> 发件人: Paul Foxworthy [mailto:p...@cohsoft.com.au] > >> 发送时间: 2018年6月26日 19:31 > >> 收件人: dev@ofbiz.apache.org > >> 主题: Re: svn commit: r1834389 - in > /ofbiz/ofbiz-framework/trunk/framework: > base/src/main/java/org/apache/ofbiz/base/util/collections/ webapp/config/ > webapp/dtd/ webapp/src/main/java/org/apache/ofbiz/webapp/control/ > webapp/src/test/java/org/apache/ofbiz/weba... > >> > >> On 26 June 2018 at 17:58, Taher Alkhateeb <slidingfilame...@gmail.com> > >> wrote: > >> > >>> I could be mistaken, but this seems like a very major change that did > >>> not have a thorough and proper discussion at the mailing list? I would > >>> rather at least have an explanation of what was committed and to > >>> discuss the merits and cons of the implementation. > >>> > >> Hi all, > >> > >> I haven't found the specific issue, but wasn't there a major change > several > >> years ago from GET to POST to help guard against XSS attacks? > >> > >> Cheers > >> > >> Paul Foxworthy > >> > >> -- > >> Coherent Software Australia Pty Ltd > >> PO Box 2773 > >> Cheltenham Vic 3192 > >> Australia > >> > >> Phone: +61 3 9585 6788 > >> Web: http://www.coherentsoftware.com.au/ > >> Email: i...@coherentsoftware.com.au > > > -- Best regards, Arun Patidar Director of Information SystemsHotWax Commerce <http://www.hotwax.co/>
