From 9fe1a4a031ecb5b575a1d02489bb52428fa89068 Mon Sep 17 00:00:00 2001 From: Kusal Kithul-Godage Date: Tue, 9 Jul 2024 03:56:17 +1000 Subject: [PATCH] WW-5428 Stop excessive logging in DevMode --- .../xwork2/ognl/SecurityMemberAccess.java | 16 ---------------- 1 file changed, 16 deletions(-) diff --git a/core/src/main/java/com/opensymphony/xwork2/ognl/SecurityMemberAccess.java b/core/src/main/java/com/opensymphony/xwork2/ognl/SecurityMemberAccess.java index f225b3c89c..333fd276a4 100644 --- a/core/src/main/java/com/opensymphony/xwork2/ognl/SecurityMemberAccess.java +++ b/core/src/main/java/com/opensymphony/xwork2/ognl/SecurityMemberAccess.java @@ -224,7 +224,6 @@ public boolean isAccessible(Map context, Object target, Member member, String pr */ protected boolean checkAllowlist(Object target, Member member) { if (!enforceAllowlistEnabled) { - logAllowlistDisabled(); return true; } @@ -259,21 +258,6 @@ protected boolean checkAllowlist(Object target, Member member) { return true; } - private void logAllowlistDisabled() { - if (!isDevMode && !LOG.isDebugEnabled()) { - return; - } - String msg = "OGNL allowlist is disabled!" + - " We strongly recommend keeping it enabled to protect against critical vulnerabilities." + - " Set the configuration `{0}=true` to enable it."; - Object[] args = {StrutsConstants.STRUTS_ALLOWLIST_ENABLE}; - if (isDevMode) { - LOG.warn(msg, args); - } else { - LOG.debug(msg, args); - } - } - private void logAllowlistHibernateEntity(Object original, Object resolved) { if (!isDevMode && !LOG.isDebugEnabled()) { return;