Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

WW-5442 Enforce allowlist for OgnlReflectionProvider #988

Merged
merged 1 commit into from
Jul 14, 2024

Conversation

kusalk
Copy link
Member

@kusalk kusalk commented Jul 13, 2024

WW-5442

Previously, I had exempted the OgnlReflectionProvider from the allowlist due to some initialisation issues but I've fixed this now by updating the allowlist as each class is loaded when XML configuration is being read.

@kusalk kusalk force-pushed the kusal-experimental branch from 2ad0e31 to d71bcb5 Compare July 13, 2024 14:08
@kusalk kusalk force-pushed the kusal-experimental branch from d71bcb5 to b7b5bff Compare July 13, 2024 14:47
@kusalk kusalk changed the title Kusal experimental WW-5442 Enforce allowlist for OgnlReflectionProvider Jul 13, 2024
@kusalk kusalk marked this pull request as ready for review July 13, 2024 14:52
Copy link

@kusalk kusalk requested a review from lukaszlenart July 13, 2024 15:03
@kusalk kusalk merged commit 085471b into master Jul 14, 2024
9 checks passed
@kusalk kusalk deleted the kusal-experimental branch July 14, 2024 11:44
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

2 participants