[jira] [Commented] (WW-5294) s:url tag usage in a public page triggers a warning to not expose JSP pages directly
[
https://issues.apache.org/jira/browse/WW-5294?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17700804#comment-17700804
]
Lukasz Lenart commented on WW-5294:
---
Hmm... interesting, I will re-open this issue to investigate the case with
{{s:textfield}}, thanks for pointing this out :)
> s:url tag usage in a public page triggers a warning to not expose JSP pages
> directly
> -
>
> Key: WW-5294
> URL: https://issues.apache.org/jira/browse/WW-5294
> Project: Struts 2
> Issue Type: Bug
>Affects Versions: 6.1.2
> Environment: Ubuntu 20, Java 8, Tomcat 9
>Reporter: Erica Kane
>Priority: Major
> Fix For: 6.2.0
>
>
> I have a number of public pages that use the {{}} tags with no issues.
> But one page uses an {{}} tag, and every time it is visited I get a
> warning on our logs the Action invocation context is null, and that JSP pages
> should not be exposed directly. This is an informational page only, and I
> can't think why the URL tag is unsafe to use while the a tag is safe. I am
> assuming this is a bug, but of course if there is an issue with the URL tag
> on a public page I would like to know.
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
[jira] [Reopened] (WW-5294) s:url tag usage in a public page triggers a warning to not expose JSP pages directly
[
https://issues.apache.org/jira/browse/WW-5294?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Lukasz Lenart reopened WW-5294:
---
Assignee: Lukasz Lenart
> s:url tag usage in a public page triggers a warning to not expose JSP pages
> directly
> -
>
> Key: WW-5294
> URL: https://issues.apache.org/jira/browse/WW-5294
> Project: Struts 2
> Issue Type: Bug
>Affects Versions: 6.1.2
> Environment: Ubuntu 20, Java 8, Tomcat 9
>Reporter: Erica Kane
>Assignee: Lukasz Lenart
>Priority: Major
> Fix For: 6.2.0
>
>
> I have a number of public pages that use the {{}} tags with no issues.
> But one page uses an {{}} tag, and every time it is visited I get a
> warning on our logs the Action invocation context is null, and that JSP pages
> should not be exposed directly. This is an informational page only, and I
> can't think why the URL tag is unsafe to use while the a tag is safe. I am
> assuming this is a bug, but of course if there is an issue with the URL tag
> on a public page I would like to know.
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
[jira] [Commented] (WW-5294) s:url tag usage in a public page triggers a warning to not expose JSP pages directly
[
https://issues.apache.org/jira/browse/WW-5294?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17700615#comment-17700615
]
Erica Kane commented on WW-5294:
Yes, we have quite a few Actions already... :)
I will say that it was very difficult to get the warning. We should have gotten
them on other pages that had {{s:textfield}} out there, which intuitively
strikes me as far more risky. I had an interesting day hunting all the
possibilities down.
> s:url tag usage in a public page triggers a warning to not expose JSP pages
> directly
> -
>
> Key: WW-5294
> URL: https://issues.apache.org/jira/browse/WW-5294
> Project: Struts 2
> Issue Type: Bug
>Affects Versions: 6.1.2
> Environment: Ubuntu 20, Java 8, Tomcat 9
>Reporter: Erica Kane
>Priority: Major
> Fix For: 6.2.0
>
>
> I have a number of public pages that use the {{}} tags with no issues.
> But one page uses an {{}} tag, and every time it is visited I get a
> warning on our logs the Action invocation context is null, and that JSP pages
> should not be exposed directly. This is an informational page only, and I
> can't think why the URL tag is unsafe to use while the a tag is safe. I am
> assuming this is a bug, but of course if there is an issue with the URL tag
> on a public page I would like to know.
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
[jira] [Commented] (WW-5294) s:url tag usage in a public page triggers a warning to not expose JSP pages directly
[
https://issues.apache.org/jira/browse/WW-5294?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17700537#comment-17700537
]
Lukasz Lenart commented on WW-5294:
---
Great! You can use a very simple setup to define actions:
{code:xml}
/WEB-INF/index.jsp
{code}
> s:url tag usage in a public page triggers a warning to not expose JSP pages
> directly
> -
>
> Key: WW-5294
> URL: https://issues.apache.org/jira/browse/WW-5294
> Project: Struts 2
> Issue Type: Bug
>Affects Versions: 6.1.2
> Environment: Ubuntu 20, Java 8, Tomcat 9
>Reporter: Erica Kane
>Priority: Major
> Fix For: 6.2.0
>
>
> I have a number of public pages that use the {{}} tags with no issues.
> But one page uses an {{}} tag, and every time it is visited I get a
> warning on our logs the Action invocation context is null, and that JSP pages
> should not be exposed directly. This is an informational page only, and I
> can't think why the URL tag is unsafe to use while the a tag is safe. I am
> assuming this is a bug, but of course if there is an issue with the URL tag
> on a public page I would like to know.
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
[jira] [Resolved] (WW-5251) Remove deprecated interfaces used with ServletConfigInterceptor
[
https://issues.apache.org/jira/browse/WW-5251?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Lukasz Lenart resolved WW-5251.
---
Resolution: Fixed
> Remove deprecated interfaces used with ServletConfigInterceptor
> ---
>
> Key: WW-5251
> URL: https://issues.apache.org/jira/browse/WW-5251
> Project: Struts 2
> Issue Type: Improvement
> Components: Core Interceptors
>Reporter: Lukasz Lenart
>Assignee: Stefaan Dutry
>Priority: Major
> Fix For: 6.2.0
>
> Time Spent: 10m
> Remaining Estimate: 0h
>
> {{ServletConfigInterceptor}} supports a bunch of deprecated interfaces which
> already have proper replacement and they should be removed
> * {{org.apache.struts2.util.ServletContextAware}}
> * {{org.apache.struts2.interceptor.ServletRequestAware}}
> * {{org.apache.struts2.interceptor.ServletResponseAware}}
> * {{org.apache.struts2.interceptor.ParameterAware}}
> * {{org.apache.struts2.interceptor.SessionAware}}
> * {{org.apache.struts2.interceptor.ApplicationAware}}
> * {{org.apache.struts2.interceptor.PrincipalAware}}
> all these interfaces have proper replacement in {{org.apache.struts2.action}}
> package
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
[jira] [Work logged] (WW-5251) Remove deprecated interfaces used with ServletConfigInterceptor
[
https://issues.apache.org/jira/browse/WW-5251?focusedWorklogId=851062=com.atlassian.jira.plugin.system.issuetabpanels:worklog-tabpanel#worklog-851062
]
ASF GitHub Bot logged work on WW-5251:
--
Author: ASF GitHub Bot
Created on: 15/Mar/23 07:50
Start Date: 15/Mar/23 07:50
Worklog Time Spent: 10m
Work Description: lukaszlenart merged PR #670:
URL: https://github.com/apache/struts/pull/670
Issue Time Tracking
---
Worklog Id: (was: 851062)
Remaining Estimate: 0h
Time Spent: 10m
> Remove deprecated interfaces used with ServletConfigInterceptor
> ---
>
> Key: WW-5251
> URL: https://issues.apache.org/jira/browse/WW-5251
> Project: Struts 2
> Issue Type: Improvement
> Components: Core Interceptors
>Reporter: Lukasz Lenart
>Assignee: Stefaan Dutry
>Priority: Major
> Fix For: 6.2.0
>
> Time Spent: 10m
> Remaining Estimate: 0h
>
> {{ServletConfigInterceptor}} supports a bunch of deprecated interfaces which
> already have proper replacement and they should be removed
> * {{org.apache.struts2.util.ServletContextAware}}
> * {{org.apache.struts2.interceptor.ServletRequestAware}}
> * {{org.apache.struts2.interceptor.ServletResponseAware}}
> * {{org.apache.struts2.interceptor.ParameterAware}}
> * {{org.apache.struts2.interceptor.SessionAware}}
> * {{org.apache.struts2.interceptor.ApplicationAware}}
> * {{org.apache.struts2.interceptor.PrincipalAware}}
> all these interfaces have proper replacement in {{org.apache.struts2.action}}
> package
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
[jira] [Resolved] (WW-5253) Remove deprecated methods from DefaultUrlHelper
[ https://issues.apache.org/jira/browse/WW-5253?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Lukasz Lenart resolved WW-5253. --- Resolution: Fixed > Remove deprecated methods from DefaultUrlHelper > --- > > Key: WW-5253 > URL: https://issues.apache.org/jira/browse/WW-5253 > Project: Struts 2 > Issue Type: Improvement > Components: Core >Reporter: Lukasz Lenart >Assignee: Stefaan Dutry >Priority: Major > Fix For: 6.2.0 > > Time Spent: 10m > Remaining Estimate: 0h > > Related to WW-4692 -- This message was sent by Atlassian Jira (v8.20.10#820010)
[jira] [Work logged] (WW-5253) Remove deprecated methods from DefaultUrlHelper
[ https://issues.apache.org/jira/browse/WW-5253?focusedWorklogId=851060=com.atlassian.jira.plugin.system.issuetabpanels:worklog-tabpanel#worklog-851060 ] ASF GitHub Bot logged work on WW-5253: -- Author: ASF GitHub Bot Created on: 15/Mar/23 07:48 Start Date: 15/Mar/23 07:48 Worklog Time Spent: 10m Work Description: lukaszlenart merged PR #671: URL: https://github.com/apache/struts/pull/671 Issue Time Tracking --- Worklog Id: (was: 851060) Remaining Estimate: 0h Time Spent: 10m > Remove deprecated methods from DefaultUrlHelper > --- > > Key: WW-5253 > URL: https://issues.apache.org/jira/browse/WW-5253 > Project: Struts 2 > Issue Type: Improvement > Components: Core >Reporter: Lukasz Lenart >Assignee: Stefaan Dutry >Priority: Major > Fix For: 6.2.0 > > Time Spent: 10m > Remaining Estimate: 0h > > Related to WW-4692 -- This message was sent by Atlassian Jira (v8.20.10#820010)
[jira] [Updated] (WW-5295) s:date ignores LocalTime
[ https://issues.apache.org/jira/browse/WW-5295?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Lukasz Lenart updated WW-5295: -- Fix Version/s: 6.2.0 > s:date ignores LocalTime > > > Key: WW-5295 > URL: https://issues.apache.org/jira/browse/WW-5295 > Project: Struts 2 > Issue Type: Bug > Components: Core Tags >Affects Versions: 6.1.2 >Reporter: nikos dimitrakas >Priority: Major > Fix For: 6.2.0 > > > After upgrading from v5 to v6 I got an error with s:date not working with > java.sql.Time. Since WW-5272 is not yet released, I thought I will convert > java.sql.Time to LocalTime by simply changing the ognl expression in my > s:date tags. > For example from > > to > > This way there was no UnsupportedOperationException, but it turns out that > nothing happens. In the class org.apache.struts2.components.Date there is no > case for LocalTime and we end up with a log message LocalTime isn't > supported!. > There should be support for both java.sql.Time (as per WW-5272) and for > LocalTime with similar behaviour. -- This message was sent by Atlassian Jira (v8.20.10#820010)
[jira] [Resolved] (WW-5243) Removes support for "struts.mapper.action.prefix.crossNamespaces"
[
https://issues.apache.org/jira/browse/WW-5243?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Lukasz Lenart resolved WW-5243.
---
Resolution: Fixed
> Removes support for "struts.mapper.action.prefix.crossNamespaces"
> -
>
> Key: WW-5243
> URL: https://issues.apache.org/jira/browse/WW-5243
> Project: Struts 2
> Issue Type: Improvement
> Components: Core
>Affects Versions: 6.1.1
>Reporter: Lukasz Lenart
>Assignee: Stefaan Dutry
>Priority: Major
> Fix For: 6.2.0
>
> Time Spent: 10m
> Remaining Estimate: 0h
>
> Remove support for using {{struts.mapper.action.prefix.crossNamespaces}}
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
[jira] [Work logged] (WW-5243) Removes support for "struts.mapper.action.prefix.crossNamespaces"
[
https://issues.apache.org/jira/browse/WW-5243?focusedWorklogId=851058=com.atlassian.jira.plugin.system.issuetabpanels:worklog-tabpanel#worklog-851058
]
ASF GitHub Bot logged work on WW-5243:
--
Author: ASF GitHub Bot
Created on: 15/Mar/23 07:37
Start Date: 15/Mar/23 07:37
Worklog Time Spent: 10m
Work Description: lukaszlenart merged PR #669:
URL: https://github.com/apache/struts/pull/669
Issue Time Tracking
---
Worklog Id: (was: 851058)
Remaining Estimate: 0h
Time Spent: 10m
> Removes support for "struts.mapper.action.prefix.crossNamespaces"
> -
>
> Key: WW-5243
> URL: https://issues.apache.org/jira/browse/WW-5243
> Project: Struts 2
> Issue Type: Improvement
> Components: Core
>Affects Versions: 6.1.1
>Reporter: Lukasz Lenart
>Assignee: Stefaan Dutry
>Priority: Major
> Fix For: 6.2.0
>
> Time Spent: 10m
> Remaining Estimate: 0h
>
> Remove support for using {{struts.mapper.action.prefix.crossNamespaces}}
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
