Interceptor Stack Order
-----------------------
Key: WW-2489
URL: https://issues.apache.org/struts/browse/WW-2489
Project: Struts 2
Issue Type: Bug
Components: XML Configuration
Affects Versions: 2.0.11
Environment: any
Reporter: Fabio Gandola
Priority: Minor
struts-default.xml (struts 2.0.11) gives this interceptor order in the stacks:
<interceptor-ref name="staticParams"/>
<interceptor-ref name="params"/>
is it correct that staticParams comes before params ? this allow GET and POST
variable to overwrite statically set parameters. Maybe this can lead to
security risks.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
