[
https://issues.apache.org/jira/browse/WW-3655?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Lukasz Lenart updated WW-3655:
------------------------------
Fix Version/s: 7.0.0
(was: 6.1.0)
> Freemarker result loads request uri as template
> -----------------------------------------------
>
> Key: WW-3655
> URL: https://issues.apache.org/jira/browse/WW-3655
> Project: Struts 2
> Issue Type: Bug
> Affects Versions: 2.2.3
> Reporter: Johno Crawford
> Assignee: Maurizio Cucchiara
> Priority: Major
> Fix For: 7.0.0
>
>
> If the template location is either null or an empty string ""
> FreemarkerResult will take the request uri
> org.apache.struts2.views.freemarker.FreemarkerResult#doExecute and load it as
> a template.
> Example url, http://localhost:8080/com/acme/actions/Action.class/ would load
> /com/acme/actions/Action.class/ as a template and dump the bytecode in the
> response.
> The "feature" / culprit below seems a little exotic, however someone may be
> relying on it.. (same actions handling stuff in different directories?)
> {code}
> if (!locationArg.startsWith("/")) {
> String base = ResourceUtil.getResourceBase(req);
> locationArg = base + "/" + locationArg;
> }
> {code}
> To mitigate the problem and maintain previous functionality we could throw an
> exception if the template location is empty, I have created a pull request
> with my proposed fix https://github.com/apache/struts2/pull/1
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
