struts git commit: Adds missing import

2016-03-19 Thread lukaszlenart 
Repository: struts
Updated Branches:
  refs/heads/master 885261803 -> 7256557c3


Adds missing import


Project: http://git-wip-us.apache.org/repos/asf/struts/repo
Commit: http://git-wip-us.apache.org/repos/asf/struts/commit/7256557c
Tree: http://git-wip-us.apache.org/repos/asf/struts/tree/7256557c
Diff: http://git-wip-us.apache.org/repos/asf/struts/diff/7256557c

Branch: refs/heads/master
Commit: 7256557c323e3b35ef0afb0e827f8b13763ac4af
Parents: 8852618
Author: Lukasz Lenart 
Authored: Sat Mar 19 17:20:06 2016 +0100
Committer: Lukasz Lenart 
Committed: Sat Mar 19 17:20:06 2016 +0100

--
 .../struts2/interceptor/MessageStorePreResultListenerTest.java  | 1 +
 1 file changed, 1 insertion(+)
--


http://git-wip-us.apache.org/repos/asf/struts/blob/7256557c/core/src/test/java/org/apache/struts2/interceptor/MessageStorePreResultListenerTest.java
--
diff --git 
a/core/src/test/java/org/apache/struts2/interceptor/MessageStorePreResultListenerTest.java
 
b/core/src/test/java/org/apache/struts2/interceptor/MessageStorePreResultListenerTest.java
index e9f589d..cd54da5 100644
--- 
a/core/src/test/java/org/apache/struts2/interceptor/MessageStorePreResultListenerTest.java
+++ 
b/core/src/test/java/org/apache/struts2/interceptor/MessageStorePreResultListenerTest.java
@@ -9,6 +9,7 @@ import com.opensymphony.xwork2.config.entities.ResultConfig;
 import com.opensymphony.xwork2.mock.MockActionProxy;
 import org.apache.struts2.ServletActionContext;
 import org.apache.struts2.StrutsInternalTestCase;
+import org.apache.struts2.result.ServletRedirectResult;
 import org.easymock.EasyMock;
 
 import javax.servlet.http.HttpServletRequest;

svn commit: r982993 - in /websites/production/struts/content/docs: s2-028.html s2-029.html s2-030.html security.html version-notes-2325.html version-notes-2326.html

2016-03-19 Thread lukaszlenart 
Author: lukaszlenart
Date: Thu Mar 17 08:32:29 2016
New Revision: 982993

Log:
Updates production

Added:
websites/production/struts/content/docs/version-notes-2326.html
Removed:
websites/production/struts/content/docs/version-notes-2325.html
Modified:
websites/production/struts/content/docs/s2-028.html
websites/production/struts/content/docs/s2-029.html
websites/production/struts/content/docs/s2-030.html
websites/production/struts/content/docs/security.html

Modified: websites/production/struts/content/docs/s2-028.html
==
--- websites/production/struts/content/docs/s2-028.html (original)
+++ websites/production/struts/content/docs/s2-028.html Thu Mar 17 08:32:29 2016
@@ -125,7 +125,7 @@ under the License.
 
 
 
-SummaryUse of a JRE with broken URLDecoder 
implementation may lead to XSS vulnerability in Struts 2 based web 
applications.Who should read thisAll Struts 2 developers and 
usersImpact of vulnerabilityAffects of a cross-site scripting 
vulnerability.Maximum security ratingImportantRecommendationUpgrade runtime JRE to a recent major 
version, preferably 1.8. 
 Alternatively upgrade to http://struts.apache.org/download.cgi#struts2325;>Struts 
2.3.25Affected SoftwareStruts 2.0.0 - Struts Struts 2.3.24.1ReporterWhiteHat Security (http://whitehatsec.com; 
rel="nofollow">whitehatsec.com)CVE Identifier-ProblemWhen using a single byte page encoding such 
as ISO-8895-1, an attacker might submit a non-spec URL-encoded p
 arameter value including multi-byte characters.Struts 2 used the 
standard JRE URLDecoder to decode parameter values.Especially JRE 
1.5's URLDecoder implementation seems to be broken to the point that this 
non-spec encoding isn't rejected / filtered. In later JREs the issue was fixed, 
best known solution is found in JRE 1.8.SolutionUpgrade runtime JRE/JDK, preferably to the 
most recent 1.8 version.Alternativelyupgrade to Struts 2.3.25, which includes and uses a safe URLDecoder 
implementation from Apache TomcatBackward compatibilityNo issues 
expected when upgrading to Struts 2.3.25WorkaroundUse UTF-8 for page and parameter 
encoding.Further Reference
+
Summary
Use of a JRE with broken URLDecoder 
implementation may lead to XSS vulnerability in Struts 2 based web 
applications.
Who should read this
All Struts 2 developers and 
users
Impact of vulnerability
Affects of a cross-site scripting 
vulnerability.
Maximum security rating
Important
Recommendation
Upgrade runtime JRE to a recent major 
version, preferably 1.8. 
 Alternatively upgrade to Struts 
2.3.26
Affected Software
Struts 2.0.0 - Struts Struts 2.3.24.1
Reporter
WhiteHat Security (http://whitehatsec.com"; 
rel="nofollow">whitehatsec.com)
CVE Identifier
-
Problem
When using a single byte page encoding such 
as ISO-8895-1, an attacker might submit a non-spec URL-encoded parameter value 
including multi-byte characters.
 
Struts 2 used the standard JRE URLDecoder to decode parameter 
values. Especially JRE 1.5's URLDecoder implementation seems to be 
broken to the point that this non-spec encoding isn't rejected / filtered. In 
later JREs the issue was fixed, best known solution is found in JRE 
1.8.
Solution
Upgrade runtime 
JRE/JDK, preferably to the most recent 1.8 
version.
Alternatively upgrade 
to Struts 2.3.26, which includes and uses a safe URLDecoder implementation from 
Apache Tomcat
Backward 
compatibility
No

[struts] Git Push Summary

2016-03-19 Thread lukaszlenart 
Repository: struts
Updated Tags:  refs/tags/STRUTS_2_3_28 [created] f14d1e5db

struts git commit: [maven-release-plugin] prepare for next development iteration

2016-03-19 Thread lukaszlenart 
Repository: struts
Updated Branches:
  refs/heads/support-2-3 8a59ed02c -> 519c76711


[maven-release-plugin] prepare for next development iteration


Project: http://git-wip-us.apache.org/repos/asf/struts/repo
Commit: http://git-wip-us.apache.org/repos/asf/struts/commit/519c7671
Tree: http://git-wip-us.apache.org/repos/asf/struts/tree/519c7671
Diff: http://git-wip-us.apache.org/repos/asf/struts/diff/519c7671

Branch: refs/heads/support-2-3
Commit: 519c7671141c13264e5ca590e9c413772fdff663
Parents: 8a59ed0
Author: Lukasz Lenart 
Authored: Fri Mar 18 08:54:43 2016 +0100
Committer: Lukasz Lenart 
Committed: Fri Mar 18 08:54:43 2016 +0100

--
 apps/blank/pom.xml  | 2 +-
 apps/jboss-blank/pom.xml| 2 +-
 apps/mailreader/pom.xml | 2 +-
 apps/pom.xml| 2 +-
 apps/portlet/pom.xml| 2 +-
 apps/rest-showcase/pom.xml  | 4 ++--
 apps/showcase/pom.xml   | 2 +-
 archetypes/pom.xml  | 2 +-
 archetypes/struts2-archetype-angularjs/pom.xml  | 2 +-
 archetypes/struts2-archetype-blank/pom.xml  | 2 +-
 archetypes/struts2-archetype-convention/pom.xml | 2 +-
 archetypes/struts2-archetype-dbportlet/pom.xml  | 2 +-
 archetypes/struts2-archetype-plugin/pom.xml | 2 +-
 archetypes/struts2-archetype-portlet/pom.xml| 2 +-
 archetypes/struts2-archetype-starter/pom.xml| 2 +-
 assembly/pom.xml| 2 +-
 bom/pom.xml | 6 +++---
 bundles/admin/pom.xml   | 2 +-
 bundles/demo/pom.xml| 2 +-
 bundles/pom.xml | 2 +-
 core/pom.xml| 2 +-
 plugins/cdi/pom.xml | 2 +-
 plugins/codebehind/pom.xml  | 2 +-
 plugins/config-browser/pom.xml  | 2 +-
 plugins/convention/pom.xml  | 2 +-
 plugins/dojo/pom.xml| 2 +-
 plugins/dwr/pom.xml | 2 +-
 plugins/embeddedjsp/pom.xml | 2 +-
 plugins/gxp/pom.xml | 2 +-
 plugins/jasperreports/pom.xml   | 2 +-
 plugins/java8-support/pom.xml   | 2 +-
 plugins/javatemplates/pom.xml   | 2 +-
 plugins/jfreechart/pom.xml  | 2 +-
 plugins/jsf/pom.xml | 2 +-
 plugins/json/pom.xml| 2 +-
 plugins/junit/pom.xml   | 2 +-
 plugins/osgi/pom.xml| 2 +-
 plugins/oval/pom.xml| 2 +-
 plugins/pell-multipart/pom.xml  | 2 +-
 plugins/plexus/pom.xml  | 2 +-
 plugins/pom.xml | 2 +-
 plugins/portlet-tiles/pom.xml   | 2 +-
 plugins/portlet/pom.xml | 2 +-
 plugins/rest/pom.xml| 2 +-
 plugins/sitegraph/pom.xml   | 2 +-
 plugins/sitemesh/pom.xml| 2 +-
 plugins/spring/pom.xml  | 2 +-
 plugins/struts1/pom.xml | 2 +-
 plugins/testng/pom.xml  | 2 +-
 plugins/tiles/pom.xml   | 2 +-
 plugins/tiles3/pom.xml  | 2 +-
 pom.xml | 4 ++--
 xwork-core/pom.xml  | 2 +-
 53 files changed, 57 insertions(+), 57 deletions(-)
--


http://git-wip-us.apache.org/repos/asf/struts/blob/519c7671/apps/blank/pom.xml
--
diff --git a/apps/blank/pom.xml b/apps/blank/pom.xml
index ac7a974..071de78 100644
--- a/apps/blank/pom.xml
+++ b/apps/blank/pom.xml
@@ -26,7 +26,7 @@
 
 org.apache.struts
 struts2-apps
-2.3.27
+2.3.28-SNAPSHOT
 
 
 struts2-blank

http://git-wip-us.apache.org/repos/asf/struts/blob/519c7671/apps/jboss-blank/pom.xml
--
diff --git a/apps/jboss-blank/pom.xml b/apps/jboss-blank/pom.xml
index 10018aa..d26f89c 100644
--- a/apps/jboss-blank/pom.xml
+++ b/apps/jboss-blank/pom.xml
@@ -26,7 +26,7 @@
 
 org.apache.struts
 struts2-apps
-2.3.27
+2.3.28-SNAPSHOT
 
 
 struts2-jboss-blank

http://git-wip-us.apache.org/repos/asf/struts/blob/519c7671/apps/mailreader/pom.xml
--
diff --git a/apps/mailreader/pom.xml b/apps/mailreader/pom.xml
index f03d9af..a987238

struts git commit: Fixes typo in docs

2016-03-19 Thread lukaszlenart 
Repository: struts
Updated Branches:
  refs/heads/master d358f1f76 -> ffcc22ad5


Fixes typo in docs


Project: http://git-wip-us.apache.org/repos/asf/struts/repo
Commit: http://git-wip-us.apache.org/repos/asf/struts/commit/ffcc22ad
Tree: http://git-wip-us.apache.org/repos/asf/struts/tree/ffcc22ad
Diff: http://git-wip-us.apache.org/repos/asf/struts/diff/ffcc22ad

Branch: refs/heads/master
Commit: ffcc22ad5f74b0dd194ab41ee740423e189c128e
Parents: d358f1f
Author: Lukasz Lenart 
Authored: Thu Mar 17 20:03:50 2016 +0100
Committer: Lukasz Lenart 
Committed: Thu Mar 17 20:04:25 2016 +0100

--
 core/src/main/java/org/apache/struts2/components/UIBean.java | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
--


http://git-wip-us.apache.org/repos/asf/struts/blob/ffcc22ad/core/src/main/java/org/apache/struts2/components/UIBean.java
--
diff --git a/core/src/main/java/org/apache/struts2/components/UIBean.java 
b/core/src/main/java/org/apache/struts2/components/UIBean.java
index 5648831..38673c9 100644
--- a/core/src/main/java/org/apache/struts2/components/UIBean.java
+++ b/core/src/main/java/org/apache/struts2/components/UIBean.java
@@ -179,7 +179,7 @@ import java.util.Map;
  *  Form Element's field name mapping
  *   
  *   
- *  required
+ *  requiredLabel
  *  xhtml
  *  Boolean
  *  add * to label (true to add false otherwise)

struts git commit: [maven-release-plugin] prepare for next development iteration

2016-03-19 Thread lukaszlenart 
Repository: struts
Updated Branches:
  refs/heads/support-2-3 0ac8932aa -> 6fee2eb1a


[maven-release-plugin] prepare for next development iteration


Project: http://git-wip-us.apache.org/repos/asf/struts/repo
Commit: http://git-wip-us.apache.org/repos/asf/struts/commit/6fee2eb1
Tree: http://git-wip-us.apache.org/repos/asf/struts/tree/6fee2eb1
Diff: http://git-wip-us.apache.org/repos/asf/struts/diff/6fee2eb1

Branch: refs/heads/support-2-3
Commit: 6fee2eb1a4372ba16e81ef0c9ce6e5fa41383a07
Parents: 0ac8932
Author: Lukasz Lenart 
Authored: Fri Mar 18 20:50:53 2016 +0100
Committer: Lukasz Lenart 
Committed: Fri Mar 18 20:50:53 2016 +0100

--
 apps/blank/pom.xml  | 2 +-
 apps/jboss-blank/pom.xml| 2 +-
 apps/mailreader/pom.xml | 2 +-
 apps/pom.xml| 2 +-
 apps/portlet/pom.xml| 2 +-
 apps/rest-showcase/pom.xml  | 4 ++--
 apps/showcase/pom.xml   | 2 +-
 archetypes/pom.xml  | 2 +-
 archetypes/struts2-archetype-angularjs/pom.xml  | 2 +-
 archetypes/struts2-archetype-blank/pom.xml  | 2 +-
 archetypes/struts2-archetype-convention/pom.xml | 2 +-
 archetypes/struts2-archetype-dbportlet/pom.xml  | 2 +-
 archetypes/struts2-archetype-plugin/pom.xml | 2 +-
 archetypes/struts2-archetype-portlet/pom.xml| 2 +-
 archetypes/struts2-archetype-starter/pom.xml| 2 +-
 assembly/pom.xml| 2 +-
 bom/pom.xml | 6 +++---
 bundles/admin/pom.xml   | 2 +-
 bundles/demo/pom.xml| 2 +-
 bundles/pom.xml | 2 +-
 core/pom.xml| 2 +-
 plugins/cdi/pom.xml | 2 +-
 plugins/codebehind/pom.xml  | 2 +-
 plugins/config-browser/pom.xml  | 2 +-
 plugins/convention/pom.xml  | 2 +-
 plugins/dojo/pom.xml| 2 +-
 plugins/dwr/pom.xml | 2 +-
 plugins/embeddedjsp/pom.xml | 2 +-
 plugins/gxp/pom.xml | 2 +-
 plugins/jasperreports/pom.xml   | 2 +-
 plugins/java8-support/pom.xml   | 2 +-
 plugins/javatemplates/pom.xml   | 2 +-
 plugins/jfreechart/pom.xml  | 2 +-
 plugins/jsf/pom.xml | 2 +-
 plugins/json/pom.xml| 2 +-
 plugins/junit/pom.xml   | 2 +-
 plugins/osgi/pom.xml| 2 +-
 plugins/oval/pom.xml| 2 +-
 plugins/pell-multipart/pom.xml  | 2 +-
 plugins/plexus/pom.xml  | 2 +-
 plugins/pom.xml | 2 +-
 plugins/portlet-tiles/pom.xml   | 2 +-
 plugins/portlet/pom.xml | 2 +-
 plugins/rest/pom.xml| 2 +-
 plugins/sitegraph/pom.xml   | 2 +-
 plugins/sitemesh/pom.xml| 2 +-
 plugins/spring/pom.xml  | 2 +-
 plugins/struts1/pom.xml | 2 +-
 plugins/testng/pom.xml  | 2 +-
 plugins/tiles/pom.xml   | 2 +-
 plugins/tiles3/pom.xml  | 2 +-
 pom.xml | 4 ++--
 xwork-core/pom.xml  | 2 +-
 53 files changed, 57 insertions(+), 57 deletions(-)
--


http://git-wip-us.apache.org/repos/asf/struts/blob/6fee2eb1/apps/blank/pom.xml
--
diff --git a/apps/blank/pom.xml b/apps/blank/pom.xml
index 326dc33..fc6d5bb 100644
--- a/apps/blank/pom.xml
+++ b/apps/blank/pom.xml
@@ -26,7 +26,7 @@
 
 org.apache.struts
 struts2-apps
-2.3.28
+2.3.29-SNAPSHOT
 
 
 struts2-blank

http://git-wip-us.apache.org/repos/asf/struts/blob/6fee2eb1/apps/jboss-blank/pom.xml
--
diff --git a/apps/jboss-blank/pom.xml b/apps/jboss-blank/pom.xml
index a49e05e..755ee49 100644
--- a/apps/jboss-blank/pom.xml
+++ b/apps/jboss-blank/pom.xml
@@ -26,7 +26,7 @@
 
 org.apache.struts
 struts2-apps
-2.3.28
+2.3.29-SNAPSHOT
 
 
 struts2-jboss-blank

http://git-wip-us.apache.org/repos/asf/struts/blob/6fee2eb1/apps/mailreader/pom.xml
--
diff --git a/apps/mailreader/pom.xml b/apps/mailreader/pom.xml
index cc4044c..779cde7

svn commit: r12789 - /dev/struts/2.3.28/

2016-03-19 Thread lukaszlenart 
Author: lukaszlenart
Date: Fri Mar 18 20:45:53 2016
New Revision: 12789

Log:
Updates test release 2.3.28

Added:
dev/struts/2.3.28/
dev/struts/2.3.28/struts-2.3.28-all.zip   (with props)
dev/struts/2.3.28/struts-2.3.28-all.zip.asc   (with props)
dev/struts/2.3.28/struts-2.3.28-all.zip.md5
dev/struts/2.3.28/struts-2.3.28-all.zip.sha1
dev/struts/2.3.28/struts-2.3.28-apps.zip   (with props)
dev/struts/2.3.28/struts-2.3.28-apps.zip.asc   (with props)
dev/struts/2.3.28/struts-2.3.28-apps.zip.md5
dev/struts/2.3.28/struts-2.3.28-apps.zip.sha1
dev/struts/2.3.28/struts-2.3.28-docs.zip   (with props)
dev/struts/2.3.28/struts-2.3.28-docs.zip.asc   (with props)
dev/struts/2.3.28/struts-2.3.28-docs.zip.md5
dev/struts/2.3.28/struts-2.3.28-docs.zip.sha1
dev/struts/2.3.28/struts-2.3.28-lib.zip   (with props)
dev/struts/2.3.28/struts-2.3.28-lib.zip.asc   (with props)
dev/struts/2.3.28/struts-2.3.28-lib.zip.md5
dev/struts/2.3.28/struts-2.3.28-lib.zip.sha1
dev/struts/2.3.28/struts-2.3.28-min-lib.zip   (with props)
dev/struts/2.3.28/struts-2.3.28-min-lib.zip.asc   (with props)
dev/struts/2.3.28/struts-2.3.28-min-lib.zip.md5
dev/struts/2.3.28/struts-2.3.28-min-lib.zip.sha1
dev/struts/2.3.28/struts-2.3.28-src.zip   (with props)
dev/struts/2.3.28/struts-2.3.28-src.zip.asc   (with props)
dev/struts/2.3.28/struts-2.3.28-src.zip.md5
dev/struts/2.3.28/struts-2.3.28-src.zip.sha1

Added: dev/struts/2.3.28/struts-2.3.28-all.zip
==
Binary file - no diff available.

Propchange: dev/struts/2.3.28/struts-2.3.28-all.zip
--
svn:mime-type = application/zip

Added: dev/struts/2.3.28/struts-2.3.28-all.zip.asc
==
Binary file - no diff available.

Propchange: dev/struts/2.3.28/struts-2.3.28-all.zip.asc
--
svn:mime-type = application/pgp-signature

Added: dev/struts/2.3.28/struts-2.3.28-all.zip.md5
==
--- dev/struts/2.3.28/struts-2.3.28-all.zip.md5 (added)
+++ dev/struts/2.3.28/struts-2.3.28-all.zip.md5 Fri Mar 18 20:45:53 2016
@@ -0,0 +1 @@
+b83e10246a75dd0a4b0648da574eb2c6
\ No newline at end of file

Added: dev/struts/2.3.28/struts-2.3.28-all.zip.sha1
==
--- dev/struts/2.3.28/struts-2.3.28-all.zip.sha1 (added)
+++ dev/struts/2.3.28/struts-2.3.28-all.zip.sha1 Fri Mar 18 20:45:53 2016
@@ -0,0 +1 @@
+7f07719abea4e82ab234cde0dcf7e35fecde048f
\ No newline at end of file

Added: dev/struts/2.3.28/struts-2.3.28-apps.zip
==
Binary file - no diff available.

Propchange: dev/struts/2.3.28/struts-2.3.28-apps.zip
--
svn:mime-type = application/zip

Added: dev/struts/2.3.28/struts-2.3.28-apps.zip.asc
==
Binary file - no diff available.

Propchange: dev/struts/2.3.28/struts-2.3.28-apps.zip.asc
--
svn:mime-type = application/pgp-signature

Added: dev/struts/2.3.28/struts-2.3.28-apps.zip.md5
==
--- dev/struts/2.3.28/struts-2.3.28-apps.zip.md5 (added)
+++ dev/struts/2.3.28/struts-2.3.28-apps.zip.md5 Fri Mar 18 20:45:53 2016
@@ -0,0 +1 @@
+c460697b3b5bc5733454ed407ff1dba8
\ No newline at end of file

Added: dev/struts/2.3.28/struts-2.3.28-apps.zip.sha1
==
--- dev/struts/2.3.28/struts-2.3.28-apps.zip.sha1 (added)
+++ dev/struts/2.3.28/struts-2.3.28-apps.zip.sha1 Fri Mar 18 20:45:53 2016
@@ -0,0 +1 @@
+0e5ab4dc4545c98fd8bcee427a1dfc98c95cf70c
\ No newline at end of file

Added: dev/struts/2.3.28/struts-2.3.28-docs.zip
==
Binary file - no diff available.

Propchange: dev/struts/2.3.28/struts-2.3.28-docs.zip
--
svn:mime-type = application/zip

Added: dev/struts/2.3.28/struts-2.3.28-docs.zip.asc
==
Binary file - no diff available.

Propchange: dev/struts/2.3.28/struts-2.3.28-docs.zip.asc
--
svn:mime-type = application/pgp-signature

Added: dev/struts/2.3.28/struts-2.3.28-docs.zip.md5

struts git commit: WW-4605 Reverts to previous flow when result is created just before executing it

2016-03-19 Thread lukaszlenart 
Repository: struts
Updated Branches:
  refs/heads/support-2-3 519c76711 -> 6b497ef8f


WW-4605 Reverts to previous flow when result is created just before executing it


Project: http://git-wip-us.apache.org/repos/asf/struts/repo
Commit: http://git-wip-us.apache.org/repos/asf/struts/commit/6b497ef8
Tree: http://git-wip-us.apache.org/repos/asf/struts/tree/6b497ef8
Diff: http://git-wip-us.apache.org/repos/asf/struts/diff/6b497ef8

Branch: refs/heads/support-2-3
Commit: 6b497ef8f7091224b4e87a825fdbc50b02a21c3d
Parents: 519c767
Author: Lukasz Lenart 
Authored: Fri Mar 18 20:41:06 2016 +0100
Committer: Lukasz Lenart 
Committed: Fri Mar 18 20:41:06 2016 +0100

--
 .../MessageStorePreResultListener.java  |  8 ++-
 .../MessageStorePreResultListenerTest.java  | 22 
 .../apache/struts2/views/jsp/ActionTagTest.java |  3 +--
 .../xwork2/DefaultActionInvocation.java |  4 ++--
 4 files changed, 28 insertions(+), 9 deletions(-)
--


http://git-wip-us.apache.org/repos/asf/struts/blob/6b497ef8/core/src/main/java/org/apache/struts2/interceptor/MessageStorePreResultListener.java
--
diff --git 
a/core/src/main/java/org/apache/struts2/interceptor/MessageStorePreResultListener.java
 
b/core/src/main/java/org/apache/struts2/interceptor/MessageStorePreResultListener.java
index d78313c..5415a73 100644
--- 
a/core/src/main/java/org/apache/struts2/interceptor/MessageStorePreResultListener.java
+++ 
b/core/src/main/java/org/apache/struts2/interceptor/MessageStorePreResultListener.java
@@ -21,10 +21,12 @@ package org.apache.struts2.interceptor;
 
 import com.opensymphony.xwork2.ActionInvocation;
 import com.opensymphony.xwork2.ValidationAware;
+import com.opensymphony.xwork2.config.entities.ResultConfig;
 import com.opensymphony.xwork2.interceptor.PreResultListener;
 import com.opensymphony.xwork2.util.logging.Logger;
 import com.opensymphony.xwork2.util.logging.LoggerFactory;
 import org.apache.struts2.ServletActionContext;
+import org.apache.struts2.dispatcher.ServletActionRedirectResult;
 import org.apache.struts2.dispatcher.ServletRedirectResult;
 
 import java.util.Map;
@@ -68,7 +70,11 @@ class MessageStorePreResultListener implements 
PreResultListener {
 
 boolean isRedirect = false;
 try {
-isRedirect = invocation.getResult() instanceof 
ServletRedirectResult;
+ResultConfig resultConfig = 
invocation.getProxy().getConfig().getResults().get(resultCode);
+if (resultConfig != null) {
+isRedirect = 
ServletRedirectResult.class.getName().equals(resultConfig.getClassName())
+|| 
ServletActionRedirectResult.class.getName().equals(resultConfig.getClassName());
+}
 } catch (Exception e) {
 LOG.warn("Cannot read result!", e);
 }

http://git-wip-us.apache.org/repos/asf/struts/blob/6b497ef8/core/src/test/java/org/apache/struts2/interceptor/MessageStorePreResultListenerTest.java
--
diff --git 
a/core/src/test/java/org/apache/struts2/interceptor/MessageStorePreResultListenerTest.java
 
b/core/src/test/java/org/apache/struts2/interceptor/MessageStorePreResultListenerTest.java
index 599ab09..0b4340b 100644
--- 
a/core/src/test/java/org/apache/struts2/interceptor/MessageStorePreResultListenerTest.java
+++ 
b/core/src/test/java/org/apache/struts2/interceptor/MessageStorePreResultListenerTest.java
@@ -4,9 +4,13 @@ import com.opensymphony.xwork2.Action;
 import com.opensymphony.xwork2.ActionContext;
 import com.opensymphony.xwork2.ActionInvocation;
 import com.opensymphony.xwork2.ActionSupport;
+import com.opensymphony.xwork2.config.entities.ActionConfig;
+import com.opensymphony.xwork2.config.entities.ResultConfig;
+import com.opensymphony.xwork2.mock.MockActionProxy;
 import org.apache.struts2.ServletActionContext;
 import org.apache.struts2.StrutsInternalTestCase;
 import org.apache.struts2.dispatcher.ServletActionRedirectResult;
+import org.apache.struts2.dispatcher.ServletRedirectResult;
 import org.easymock.EasyMock;
 
 import javax.servlet.http.HttpServletRequest;
@@ -138,8 +142,13 @@ public class MessageStorePreResultListenerTest extends 
StrutsInternalTestCase {
 EasyMock.expectLastCall().andReturn(action);
 EasyMock.expectLastCall().anyTimes();
 
-mockActionInvocation.getResult();
-EasyMock.expectLastCall().andReturn(new ServletActionRedirectResult());
+mockActionInvocation.getProxy();
+MockActionProxy actionProxy = new MockActionProxy();
+ResultConfig resultConfig = new ResultConfig.Builder(Action.SUCCESS, 
ServletRedirectResult.class.getName()).build();
+ActionConfig actionConfig =

struts git commit: Adds proper logic to exclude MemberAccess

2016-03-19 Thread lukaszlenart 
Repository: struts
Updated Branches:
  refs/heads/support-2-3 94c446265 -> f48c30eaa


Adds proper logic to exclude MemberAccess


Project: http://git-wip-us.apache.org/repos/asf/struts/repo
Commit: http://git-wip-us.apache.org/repos/asf/struts/commit/f48c30ea
Tree: http://git-wip-us.apache.org/repos/asf/struts/tree/f48c30ea
Diff: http://git-wip-us.apache.org/repos/asf/struts/diff/f48c30ea

Branch: refs/heads/support-2-3
Commit: f48c30eaa7364b6658bd9519bfd12b1c7eeba69d
Parents: 94c4462
Author: Lukasz Lenart 
Authored: Fri Mar 18 08:45:13 2016 +0100
Committer: Lukasz Lenart 
Committed: Fri Mar 18 08:45:13 2016 +0100

--
 core/src/main/resources/struts-default.xml  |  3 +-
 .../apache/struts2/views/jsp/URLTagTest.java|  3 +-
 .../xwork2/ognl/SecurityMemberAccessTest.java   | 37 
 3 files changed, 40 insertions(+), 3 deletions(-)
--


http://git-wip-us.apache.org/repos/asf/struts/blob/f48c30ea/core/src/main/resources/struts-default.xml
--
diff --git a/core/src/main/resources/struts-default.xml 
b/core/src/main/resources/struts-default.xml
index 6fafc5b..441ae54 100644
--- a/core/src/main/resources/struts-default.xml
+++ b/core/src/main/resources/struts-default.xml
@@ -46,10 +46,11 @@
 java.lang.Class,
 java.lang.ClassLoader,
 java.lang.Shutdown,
+java.lang.ProcessBuilder,
 ognl.OgnlContext,
-ognl.MemberAccess,
 ognl.ClassResolver,
 ognl.TypeConverter,
+com.opensymphony.xwork2.ognl.SecurityMemberAccess,
 com.opensymphony.xwork2.ActionContext" />
 
 

http://git-wip-us.apache.org/repos/asf/struts/blob/f48c30ea/core/src/test/java/org/apache/struts2/views/jsp/URLTagTest.java
--
diff --git a/core/src/test/java/org/apache/struts2/views/jsp/URLTagTest.java 
b/core/src/test/java/org/apache/struts2/views/jsp/URLTagTest.java
index 50bf576..6c141aa 100644
--- a/core/src/test/java/org/apache/struts2/views/jsp/URLTagTest.java
+++ b/core/src/test/java/org/apache/struts2/views/jsp/URLTagTest.java
@@ -657,8 +657,7 @@ public class URLTagTest extends AbstractUITagTest {
tag.doEndTag();
 
Object allowMethodAccess = 
stack.findValue("\u0023_memberAccess['allowStaticMethodAccess']");
-   assertNotNull(allowMethodAccess);
-   assertEquals(Boolean.FALSE, allowMethodAccess);
+   assertNull(allowMethodAccess);
 
assertNull(session.get("foo"));
 

http://git-wip-us.apache.org/repos/asf/struts/blob/f48c30ea/xwork-core/src/test/java/com/opensymphony/xwork2/ognl/SecurityMemberAccessTest.java
--
diff --git 
a/xwork-core/src/test/java/com/opensymphony/xwork2/ognl/SecurityMemberAccessTest.java
 
b/xwork-core/src/test/java/com/opensymphony/xwork2/ognl/SecurityMemberAccessTest.java
index 6bc6354..b719432 100644
--- 
a/xwork-core/src/test/java/com/opensymphony/xwork2/ognl/SecurityMemberAccessTest.java
+++ 
b/xwork-core/src/test/java/com/opensymphony/xwork2/ognl/SecurityMemberAccessTest.java
@@ -339,6 +339,7 @@ public class SecurityMemberAccessTest extends TestCase {
 
 // when
 boolean accessible = sma.isAccessible(context, target, member, 
propertyName);
+
 // then
 assertTrue(accessible);
 
@@ -388,6 +389,42 @@ public class SecurityMemberAccessTest extends TestCase {
 assertTrue(accessible);
 }
 
+public void testAccessMemberAccessIsAccessible() throws Exception {
+// given
+SecurityMemberAccess sma = new SecurityMemberAccess(false);
+Set excluded = new HashSet();
+excluded.add(ognl.MemberAccess.class);
+sma.setExcludedClasses(excluded);
+
+String propertyName = "excludedClasses";
+String setter = "setExcludedClasses";
+Member member = SecurityMemberAccess.class.getMethod(setter, 
Set.class);
+
+// when
+boolean accessible = sma.isAccessible(context, target, member, 
propertyName);
+
+// then
+assertTrue(accessible);
+}
+
+public void testAccessMemberAccessIsBlocked() throws Exception {
+// given
+SecurityMemberAccess sma = new SecurityMemberAccess(false);
+Set excluded = new HashSet();
+excluded.add(SecurityMemberAccess.class);
+sma.setExcludedClasses(excluded);
+
+String propertyName = "excludedClasses";
+String setter = "setExcludedClasses";
+Member member = SecurityMemberAccess.class.getMethod(setter, 
Set.class);
+
+// when
+

struts git commit: WW-4605 Reverts to previous flow when result is created just before executing it

2016-03-19 Thread lukaszlenart 
Repository: struts
Updated Branches:
  refs/heads/master 774e3a630 -> 885261803


WW-4605 Reverts to previous flow when result is created just before executing it


Project: http://git-wip-us.apache.org/repos/asf/struts/repo
Commit: http://git-wip-us.apache.org/repos/asf/struts/commit/88526180
Tree: http://git-wip-us.apache.org/repos/asf/struts/tree/88526180
Diff: http://git-wip-us.apache.org/repos/asf/struts/diff/88526180

Branch: refs/heads/master
Commit: 88526180375f958ea57eceedb3017f4b7637ef68
Parents: 774e3a6
Author: Lukasz Lenart 
Authored: Fri Mar 18 20:41:06 2016 +0100
Committer: Lukasz Lenart 
Committed: Sat Mar 19 06:58:28 2016 +0100

--
 .../xwork2/DefaultActionInvocation.java |  4 ++--
 .../MessageStorePreResultListener.java  |  8 ++-
 .../MessageStorePreResultListenerTest.java  | 22 +++-
 .../apache/struts2/views/jsp/ActionTagTest.java |  3 +--
 4 files changed, 27 insertions(+), 10 deletions(-)
--


http://git-wip-us.apache.org/repos/asf/struts/blob/88526180/core/src/main/java/com/opensymphony/xwork2/DefaultActionInvocation.java
--
diff --git 
a/core/src/main/java/com/opensymphony/xwork2/DefaultActionInvocation.java 
b/core/src/main/java/com/opensymphony/xwork2/DefaultActionInvocation.java
index a8dcf56..167159c 100644
--- a/core/src/main/java/com/opensymphony/xwork2/DefaultActionInvocation.java
+++ b/core/src/main/java/com/opensymphony/xwork2/DefaultActionInvocation.java
@@ -248,8 +248,6 @@ public class DefaultActionInvocation implements 
ActionInvocation {
 // this is needed because the result will be executed, then 
control will return to the Interceptor, which will
 // return above and flow through again
 if (!executed) {
-result = createResult();
-
 if (preResultListeners != null) {
 LOG.trace("Executing PreResultListeners for result [{}]", 
result);
 
@@ -359,6 +357,8 @@ public class DefaultActionInvocation implements 
ActionInvocation {
  * @throws ConfigurationException If not result can be found with the 
returned code
  */
 private void executeResult() throws Exception {
+result = createResult();
+
 String timerKey = "executeResult: " + getResultCode();
 try {
 UtilTimerStack.push(timerKey);

http://git-wip-us.apache.org/repos/asf/struts/blob/88526180/core/src/main/java/org/apache/struts2/interceptor/MessageStorePreResultListener.java
--
diff --git 
a/core/src/main/java/org/apache/struts2/interceptor/MessageStorePreResultListener.java
 
b/core/src/main/java/org/apache/struts2/interceptor/MessageStorePreResultListener.java
index 0f45b1a..60fcffe 100644
--- 
a/core/src/main/java/org/apache/struts2/interceptor/MessageStorePreResultListener.java
+++ 
b/core/src/main/java/org/apache/struts2/interceptor/MessageStorePreResultListener.java
@@ -20,11 +20,13 @@
 package org.apache.struts2.interceptor;
 
 import com.opensymphony.xwork2.ActionInvocation;
+import com.opensymphony.xwork2.config.entities.ResultConfig;
 import com.opensymphony.xwork2.interceptor.PreResultListener;
 import com.opensymphony.xwork2.interceptor.ValidationAware;
 import org.apache.logging.log4j.LogManager;
 import org.apache.logging.log4j.Logger;
 import org.apache.struts2.ServletActionContext;
+import org.apache.struts2.result.ServletActionRedirectResult;
 import org.apache.struts2.result.ServletRedirectResult;
 
 import java.util.Map;
@@ -69,7 +71,11 @@ class MessageStorePreResultListener implements 
PreResultListener {
 
 boolean isRedirect = false;
 try {
-isRedirect = invocation.getResult() instanceof 
ServletRedirectResult;
+ResultConfig resultConfig = 
invocation.getProxy().getConfig().getResults().get(resultCode);
+if (resultConfig != null) {
+isRedirect = 
ServletRedirectResult.class.getName().equals(resultConfig.getClassName())
+|| 
ServletActionRedirectResult.class.getName().equals(resultConfig.getClassName());
+}
 } catch (Exception e) {
 LOG.warn("Cannot read result!", e);
 }

http://git-wip-us.apache.org/repos/asf/struts/blob/88526180/core/src/test/java/org/apache/struts2/interceptor/MessageStorePreResultListenerTest.java
--
diff --git 
a/core/src/test/java/org/apache/struts2/interceptor/MessageStorePreResultListenerTest.java
 
b/core/src/test/java/org/apache/struts2/interceptor/MessageStorePreResultListenerTest.java
index 4e46b3a..e9f589d 100644
---