[
https://issues.apache.org/struts/browse/WW-2893?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Musachy Barroso reassigned WW-2893:
-----------------------------------
Assignee: Musachy Barroso
> XWorkConverter calling e.printStackTrace() after bad user input
> ---------------------------------------------------------------
>
> Key: WW-2893
> URL: https://issues.apache.org/struts/browse/WW-2893
> Project: Struts 2
> Issue Type: Bug
> Affects Versions: 2.1.2
> Environment: Tomcat 6.0.18
> Reporter: Lucas Nelson
> Assignee: Musachy Barroso
>
> We are getting log output triggered by bad user input from the
> XWorkConverter#convertValue method - lines 302, 315, 326 in 2.1.2. This can
> be triggered by having a numeric field and not submitting anything in it, or
> having a custom converter that throws a TypeConversionException.
> We would have difficulty going into production with bad user input triggering
> a stack dump in our log files - the frequency of bad input coupled with the
> computation cost of generating a stack trace, and the log file spam it would
> generate. Could these printStackTrace() calls please be removed. Perhaps
> replaced with debug level output.
> IMO having application log output being generated by end-user activity is a
> problem.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
