com.atlassian.jira.webwork
Class JiraSafeActionParameterSetter
java.lang.Object
com.atlassian.jira.webwork.JiraSafeActionParameterSetter
public class JiraSafeActionParameterSetter
- extends Object
This class is a replacement for the broken and dangerous webwork1 'el' based BeanUtil.setProperties(java.util.Map, Object)
This uses a different set of rules when accepting input from the web, with some nods towards webwork1 to keep its old
behaviour but lose its dangerous nature.
Top Level Code Only
Only Action level public java.beans
setters can be invoked. You can not longer navigate away from an Action
into other code. In the old days one could invoke nearly arbitrary code. Uncool!
Null Values Are Never Set
Null parameter values are never set into the action. This is old behaviour.
Only Certain Data Types
See the class KnownParameterConverters
for a complete list but
basically its Strings, Longs, Integers, Shorts, Bytes and so on.
String / String[] / Other Types Precedence
The webwork1 code used the above precedence in choosing a setter. More by accident that by design I suspect.
webwork.action.IllegalArgumentAware
If an action is IllegalArgumentAware
, then it will be told about bad parameters and the
exception will be ignored. All JiraWebActionSupport
actions implements IllegalArgumentAware
. JIRA is aware!
Introduced / changed as part of JRA-15664
- Since:
- v3.13.2
Method Summary |
void |
setSafeParameters(webwork.action.Action action,
Map<String,?> webParameters)
This is called to set a map of parameters into an action. |
Methods inherited from class java.lang.Object |
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait |
JiraSafeActionParameterSetter
public JiraSafeActionParameterSetter()
setSafeParameters
public void setSafeParameters(webwork.action.Action action,
Map<String,?> webParameters)
- This is called to set a map of parameters into an action. This is the designated way we want input from the web
to be set into into web actions.
The action MUST not be a
SafeAction
and an assertions is made to that end.
- Parameters:
action
- the action in playwebParameters
- the map of web request parameters
Copyright © 2002-2012 Atlassian. All Rights Reserved.