yasserzamani commented on a change in pull request #483:
URL: https://github.com/apache/struts/pull/483#discussion_r615238766
##########
File path:
core/src/main/java/com/opensymphony/xwork2/interceptor/AliasInterceptor.java
##########
@@ -167,7 +182,13 @@ public void setAliasesKey(String aliasesKey) {
for (Object o : aliases.entrySet()) {
Map.Entry entry = (Map.Entry) o;
String name = entry.getKey().toString();
+ if (isNotAcceptableExpression(name)) {
+ continue;
+ }
String alias = (String) entry.getValue();
+ if (isNotAcceptableExpression(alias)) {
+ continue;
+ }
Review comment:
BTW I knew and understand that you probably mean that those are
developer constant expressions and I shouldn't consider the first evaluation
actually a real evaluation at this specific case for example, but unfortunately
here in this interceptor I don't have an easy way to recognize if it's really
evaluated and has parsed variables or not, in Component.java I had it,
`!parsedResult.equals(findString(name))`. So unfortunately I can't for now
easily distinguish between `#{'application.myName':'myName'}` and `#{
#parameters['name'] : #parameters['alias'] }` where in first one evaluation is
just a constant to String but in second one it's reading from end user
parameters!
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
[email protected]
