WW-5350 Implement OGNL Allowlist capability #781
SonarCloud Quality Gate failed. 0 Bugs, 77.9% Coverage.
It would be good to document this new feature to make it more visible to the users. Could you also add a section about this new allow list here?

@lukaszlenart Yep, I'll add something about the OgnlGuard too.

@lukaszlenart Going to merge this - but I haven't forgotten about the documentation - I will throw up a PR covering all new capabilities as soon as I've finished #791 :)
WW-5350
Implementation for strict OGNL allowlist feature. It is up to the application to determine which classes/packages need to be allowlisted. The exclusion list will still take precedence (classes on the exclusion list cannot be allowlisted).
I hope to clean this implementation up and both `OgnlUtil` and `SecurityMemberAccess` up as part of WW-5343.
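The precedence rule from the PR description above (exclusion list first, then a strict default-deny allowlist), as an added example that is not part of this PR or of Struts' own code. The class name `AllowlistSketch`, the method `isAccessAllowed`, the list contents and the subpackage prefix matching are all assumptions made for illustration.

```java
import java.util.Set;

// Hypothetical sketch, not Struts code: names, list contents and the
// subpackage matching rule are assumptions for illustration only.
public class AllowlistSketch {
    private final Set<String> excludedClasses, excludedPackages;
    private final Set<String> allowedClasses, allowedPackages;

    AllowlistSketch(Set<String> excludedClasses, Set<String> excludedPackages,
                    Set<String> allowedClasses, Set<String> allowedPackages) {
        this.excludedClasses = excludedClasses;
        this.excludedPackages = excludedPackages;
        this.allowedClasses = allowedClasses;
        this.allowedPackages = allowedPackages;
    }

    // True when the class lives in a listed package or one of its subpackages.
    // The trailing dot keeps "java.lang" from matching a package "java.language".
    private static boolean inPackages(String className, Set<String> packages) {
        for (String pkg : packages) {
            if (className.startsWith(pkg + ".")) return true;
        }
        return false;
    }

    boolean isAccessAllowed(Class<?> target) {
        String name = target.getName();
        // 1. Exclusion is checked first, so an allowlist entry can never override it.
        if (excludedClasses.contains(name) || inPackages(name, excludedPackages)) {
            return false;
        }
        // 2. Strict allowlist: anything not explicitly listed is denied.
        return allowedClasses.contains(name) || inPackages(name, allowedPackages);
    }

    public static void main(String[] args) {
        // Constructed lists; java.lang.Runtime is deliberately on both.
        AllowlistSketch check = new AllowlistSketch(
                Set.of("java.lang.Runtime"), Set.of("java.lang.reflect"),
                Set.of("java.lang.Runtime", "java.util.ArrayList"), Set.of("java.lang"));
        Class<?>[] samples = {
            Runtime.class,                  // on both lists: exclusion wins
            java.lang.reflect.Method.class, // allowlisted parent package, excluded subpackage
            String.class,                   // allowlisted by package
            java.util.ArrayList.class,      // allowlisted by class name
            java.io.File.class              // on neither list: default deny
        };
        for (Class<?> c : samples) {
            System.out.println(c.getName() + " -> " + check.isAccessAllowed(c));
        }
    }
}
```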