[Stripes-dev] [JIRA] Updated: (STS-673) Can the @StrictBinding facility enhanced to allow the optional throwing of an exception rather than only the logging of a warning?

Wed, 20 Apr 2011 11:34:36 -0700 

     [ 
http://www.stripesframework.org/jira/browse/STS-673?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Richard Hauswald updated STS-673:
---------------------------------

    Attachment: BindingDenied.patch

After talking with Ben we came to the conclusion that this only happens if:
a) One forget to use the @Validate Annotation when developing the application. 
In this case the warn message has been improved.
b) A bad guy tried to hack the application. In such a case it is the best to 
log the attempt and ignore it. Doing more than this is kind of dangerous. It 
gives the bad guy the opportunity to make the system react to his actions which 
may be used to compromise the system.

If there is another use case I forgot to think about please comment.

> Can the @StrictBinding facility enhanced to allow the optional throwing of an 
> exception rather than only the logging of a warning?
> ----------------------------------------------------------------------------------------------------------------------------------
>
>                 Key: STS-673
>                 URL: http://www.stripesframework.org/jira/browse/STS-673
>             Project: Stripes
>          Issue Type: New Feature
>          Components: ActionBean Dispatching, Validation
>            Reporter: Barry Davies
>            Priority: Minor
>             Fix For: Release 1.6
>
>         Attachments: BindingDeniedException.patch, BindingDenied.patch
>
>
> Sometimes, crazy schlubs like myself would like more concrete ability to 
> insert arbitrary logic in the event of @StrictBinding filtering off request 
> parameters from binding.  If the StrictBinding facility were enhanced to 
> optionally throw a RuntimeException, then I would be able to create an 
> ExceptionHandler to perform said arbitrary logic.  Does that sound like a 
> workable idea?

-- 
This message is automatically generated by JIRA.
-
For more information on JIRA, see: http://www.atlassian.com/software/jira

        

------------------------------------------------------------------------------
Benefiting from Server Virtualization: Beyond Initial Workload 
Consolidation -- Increasing the use of server virtualization is a top
priority.Virtualization can reduce costs, simplify management, and improve 
application availability and disaster protection. Learn more about boosting 
the value of server virtualization. http://p.sf.net/sfu/vmware-sfdev2dev
_______________________________________________
Stripes-development mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/stripes-development

Reply via email to