[jira] [Commented] (OFBIZ-12221) Improve ObjectInputStream denyList

Previous Topic Next Topic
 
classic Classic list List threaded Threaded
1 message Options
Reply | Threaded
Open this post in threaded view
|

[jira] [Commented] (OFBIZ-12221) Improve ObjectInputStream denyList

ASF subversion and git services (Jira)

    [ https://issues.apache.org/jira/browse/OFBIZ-12221?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17316066#comment-17316066 ]

ASF subversion and git services commented on OFBIZ-12221:
---------------------------------------------------------

Commit 2c6f3068de9d25f42c2fe7d762d1696ba3982dbb in ofbiz-framework's branch refs/heads/release18.12 from Jacques Le Roux
[ https://gitbox.apache.org/repos/asf?p=ofbiz-framework.git;h=2c6f306 ]

Improved: Improve ObjectInputStream denyList (OFBIZ-12221)

In SafeObjectInputStream.properties
  Renames listOfSafeObjectsForInputStream to allowList and fixes it
  Introduces a denyList

Adapts SafeObjectInputStream class to new denyList

Conflicts handled by hand
  framework/base/config/SafeObjectInputStream.properties
  framework/base/src/main/java/org/apache/ofbiz/base/util/SafeObjectInputStream.java


> Improve ObjectInputStream denyList
> ----------------------------------
>
>                 Key: OFBIZ-12221
>                 URL: https://issues.apache.org/jira/browse/OFBIZ-12221
>             Project: OFBiz
>          Issue Type: Improvement
>          Components: framework/base
>    Affects Versions: Trunk
>            Reporter: Jacques Le Roux
>            Assignee: Jacques Le Roux
>            Priority: Trivial
>             Fix For: 18.12.01, 17.12.07
>
>
> Prevent generics markup in string type names.



--
This message was sent by Atlassian Jira
(v8.3.4#803005)