January 2018 - jboss-jira - Jboss List Archives

[JBoss JIRA] (WFLY-9620) ServletContext.getResourceAsStream, for deployments which have (Java EE) servlet overlays, serves files which are outside of the deployment

by Yeray Borges (JIRA)

[ https://issues.jboss.org/browse/WFLY-9620?page=com.atlassian.jira.plugin.... ] Yeray Borges reopened WFLY-9620: -------------------------------- Assignee: Yeray Borges (was: Stuart Douglas) > ServletContext.getResourceAsStream, for deployments which have (Java EE) servlet overlays, serves files which are outside of the deployment > ------------------------------------------------------------------------------------------------------------------------------------------- > > Key: WFLY-9620 > URL: https://issues.jboss.org/browse/WFLY-9620 > Project: WildFly > Issue Type: Bug > Components: Web (Undertow) > Affects Versions: 9.0.2.Final, 10.1.0.Final, 11.0.0.Final > Reporter: Laurent ROUSSEL > Assignee: Yeray Borges > Priority: Critical > Fix For: 12.0.0.Alpha1 > > > A user has reported in the forums that there appears to be an issue (since 9.0.x till present 11.0.0 WildFly releases) where files like `/etc/passwd` are served by the web container to the clients, when the client requests a crafted URL against a Java EE deployment which has (Java EE) servlet overlays. Please see the referenced forum thread[1] for more details. > Although, the steps noted in that thread involves Spring framework and gets triggered in a very specific way, the root cause appears to be the call to `ServletContext.getResourceAsInputStream` (which is what the spring framework ends up calling with a path like "/../../../../../../../..//etc/passwd", ends up actually serving the resource even if the path is outside the scope of the deployment to which the servlet context belongs. > I could reproduce this against the latest WildFly in a simple test case that's here [2] > [1] https://developer.jboss.org/thread/276826 > [2] https://github.com/jaikiran/wildfly/commit/ed05258aa824ab91a52ef6554e9707... > P.S: The credit for reporting this issue should go to Laurent Roussel who reported this in the forum thread, but I don't have access to change the "Reporter" field of the JIRA -- This message was sent by Atlassian JIRA (v7.5.0#75005)

8 years, 3 months

1
0
0 / 0

[JBoss JIRA] (DROOLS-2262) [DMN Designer] DND Grid Column width is not preserved

by Jozef Marko (JIRA)

Jozef Marko created DROOLS-2262: ----------------------------------- Summary: [DMN Designer] DND Grid Column width is not preserved Key: DROOLS-2262 URL: https://issues.jboss.org/browse/DROOLS-2262 Project: Drools Issue Type: Bug Components: DMN Editor Affects Versions: 7.6.0.Final Reporter: Jozef Marko Assignee: Michael Anstis DND Grid Column don't preserve the width. -- This message was sent by Atlassian JIRA (v7.5.0#75005)

8 years, 3 months

1
0
0 / 0

[JBoss JIRA] (DROOLS-2261) [DMN Designer] Context Entry Default Value Column width does not fill parent

by Jozef Marko (JIRA)

[ https://issues.jboss.org/browse/DROOLS-2261?page=com.atlassian.jira.plugi... ] Jozef Marko updated DROOLS-2261: -------------------------------- Description: Context Entry Default Value Column width does not fill parent. Width is fixed if some small resizing is done in grid. (was: The DND Grid Columns don't preserve column width between savings.) > [DMN Designer] Context Entry Default Value Column width does not fill parent > ---------------------------------------------------------------------------- > > Key: DROOLS-2261 > URL: https://issues.jboss.org/browse/DROOLS-2261 > Project: Drools > Issue Type: Bug > Components: DMN Editor > Affects Versions: 7.6.0.Final > Reporter: Jozef Marko > Assignee: Michael Anstis > Attachments: after-reopen.png, non-saved.png > > > Context Entry Default Value Column width does not fill parent. Width is fixed if some small resizing is done in grid. -- This message was sent by Atlassian JIRA (v7.5.0#75005)

8 years, 3 months

1
0
0 / 0

[JBoss JIRA] (DROOLS-2261) [DMN Designer] Context Entry Default Value Column width does not fill parent

by Jozef Marko (JIRA)

[ https://issues.jboss.org/browse/DROOLS-2261?page=com.atlassian.jira.plugi... ] Jozef Marko updated DROOLS-2261: -------------------------------- Summary: [DMN Designer] Context Entry Default Value Column width does not fill parent (was: [DMN Designer] DND Column width does not fill parent) > [DMN Designer] Context Entry Default Value Column width does not fill parent > ---------------------------------------------------------------------------- > > Key: DROOLS-2261 > URL: https://issues.jboss.org/browse/DROOLS-2261 > Project: Drools > Issue Type: Bug > Components: DMN Editor > Affects Versions: 7.6.0.Final > Reporter: Jozef Marko > Assignee: Michael Anstis > Attachments: after-reopen.png, non-saved.png > > > The DND Grid Columns don't preserve column width between savings. -- This message was sent by Atlassian JIRA (v7.5.0#75005)

8 years, 3 months

1
0
0 / 0

[JBoss JIRA] (DROOLS-2261) [DMN Designer] Context Entry Default Value Column width does not fill parent

by Jozef Marko (JIRA)

[ https://issues.jboss.org/browse/DROOLS-2261?page=com.atlassian.jira.plugi... ] Jozef Marko updated DROOLS-2261: -------------------------------- Steps to Reproduce: # Create new DMN Diagram # Add decision node # Open DND of the decision node # Model as: -- !non-saved.png|thumbnail! # Save and reopen # You will in situation like: -- !after-reopen.png|thumbnail! was: # Create new DMN Diagram # Add decision ndoe # Open DND of the decision node # Model as: -- !non-saved.png|thumbnail! # Save and reopen # You will in situation like: -- !after-reopen.png|thumbnail! > [DMN Designer] Context Entry Default Value Column width does not fill parent > ---------------------------------------------------------------------------- > > Key: DROOLS-2261 > URL: https://issues.jboss.org/browse/DROOLS-2261 > Project: Drools > Issue Type: Bug > Components: DMN Editor > Affects Versions: 7.6.0.Final > Reporter: Jozef Marko > Assignee: Michael Anstis > Attachments: after-reopen.png, non-saved.png > > > The DND Grid Columns don't preserve column width between savings. -- This message was sent by Atlassian JIRA (v7.5.0#75005)

8 years, 3 months

1
0
0 / 0

[JBoss JIRA] (DROOLS-2261) [DMN Designer] DND Column width does not fill parent

by Jozef Marko (JIRA)

[ https://issues.jboss.org/browse/DROOLS-2261?page=com.atlassian.jira.plugi... ] Jozef Marko updated DROOLS-2261: -------------------------------- Summary: [DMN Designer] DND Column width does not fill parent (was: [DMN Designer] DND Column width is not preserved) > [DMN Designer] DND Column width does not fill parent > ---------------------------------------------------- > > Key: DROOLS-2261 > URL: https://issues.jboss.org/browse/DROOLS-2261 > Project: Drools > Issue Type: Bug > Components: DMN Editor > Affects Versions: 7.6.0.Final > Reporter: Jozef Marko > Assignee: Michael Anstis > Attachments: after-reopen.png, non-saved.png > > > The DND Grid Columns don't preserve column width between savings. -- This message was sent by Atlassian JIRA (v7.5.0#75005)

8 years, 3 months

1
0
0 / 0

[JBoss JIRA] (DROOLS-2261) [DMN Designer] DND Column width is not preserved

by Michael Anstis (JIRA)

[ https://issues.jboss.org/browse/DROOLS-2261?page=com.atlassian.jira.plugi... ] Michael Anstis commented on DROOLS-2261: ---------------------------------------- [~jomarko] Your screen shots show a different issue; the bottom "outer default text" {{LiteralExpression}} editor has not been sized to fill it's parent. You do however raise the issue that column sizes are not persisted (indeed, if you'd resized the top level "My name" column - the column containing "default" - and re-opened you'd notice the column's width was not preserved...). [~tirelli] [~tari_manga] What do you want to do? I'm sure we could store the widths in the DMN1.1 extensions (as we do for node colour etc). IDK if DMN1.2 supports persistence of other visual meta-data like column width etc. > [DMN Designer] DND Column width is not preserved > ------------------------------------------------ > > Key: DROOLS-2261 > URL: https://issues.jboss.org/browse/DROOLS-2261 > Project: Drools > Issue Type: Bug > Components: DMN Editor > Affects Versions: 7.6.0.Final > Reporter: Jozef Marko > Assignee: Michael Anstis > Attachments: after-reopen.png, non-saved.png > > > The DND Grid Columns don't preserve column width between savings. -- This message was sent by Atlassian JIRA (v7.5.0#75005)

8 years, 3 months

1
0
0 / 0

[JBoss JIRA] (DROOLS-1956) [DMN Editor] Introduce unit test for Converters

by Jozef Marko (JIRA)

[ https://issues.jboss.org/browse/DROOLS-1956?page=com.atlassian.jira.plugi... ] Jozef Marko updated DROOLS-1956: -------------------------------- Attachment: org.kie.workbench.common.dmn.backend.definition.v1_1.html > [DMN Editor] Introduce unit test for Converters > ----------------------------------------------- > > Key: DROOLS-1956 > URL: https://issues.jboss.org/browse/DROOLS-1956 > Project: Drools > Issue Type: Task > Components: DMN Editor > Affects Versions: 7.2.0.Final > Reporter: Jozef Marko > Assignee: Jozef Marko > Fix For: 7.6.0.Final > > Attachments: org.kie.workbench.common.dmn.backend.definition.v1_1.html > > > Cover the classes below with unit tests. > - FontSetPropertyConverter > - InformationItemPropertyConverter > - InputDataConverter -- This message was sent by Atlassian JIRA (v7.5.0#75005)

8 years, 3 months

1
0
0 / 0

[JBoss JIRA] (DROOLS-1956) [DMN Editor] Introduce unit test for Converters

by Jozef Marko (JIRA)

[ https://issues.jboss.org/browse/DROOLS-1956?page=com.atlassian.jira.plugi... ] Jozef Marko commented on DROOLS-1956: ------------------------------------- Covered enough, see: - [^org.kie.workbench.common.dmn.backend.definition.v1_1.html] > [DMN Editor] Introduce unit test for Converters > ----------------------------------------------- > > Key: DROOLS-1956 > URL: https://issues.jboss.org/browse/DROOLS-1956 > Project: Drools > Issue Type: Task > Components: DMN Editor > Affects Versions: 7.2.0.Final > Reporter: Jozef Marko > Assignee: Jozef Marko > Fix For: 7.6.0.Final > > Attachments: org.kie.workbench.common.dmn.backend.definition.v1_1.html > > > Cover the classes below with unit tests. > - FontSetPropertyConverter > - InformationItemPropertyConverter > - InputDataConverter -- This message was sent by Atlassian JIRA (v7.5.0#75005)

8 years, 3 months

1
0
0 / 0

[JBoss JIRA] (DROOLS-1956) [DMN Editor] Introduce unit test for Converters

by Jozef Marko (JIRA)

[ https://issues.jboss.org/browse/DROOLS-1956?page=com.atlassian.jira.plugi... ] Jozef Marko resolved DROOLS-1956. --------------------------------- Fix Version/s: 7.6.0.Final Resolution: Out of Date > [DMN Editor] Introduce unit test for Converters > ----------------------------------------------- > > Key: DROOLS-1956 > URL: https://issues.jboss.org/browse/DROOLS-1956 > Project: Drools > Issue Type: Task > Components: DMN Editor > Affects Versions: 7.2.0.Final > Reporter: Jozef Marko > Assignee: Jozef Marko > Fix For: 7.6.0.Final > > Attachments: org.kie.workbench.common.dmn.backend.definition.v1_1.html > > > Cover the classes below with unit tests. > - FontSetPropertyConverter > - InformationItemPropertyConverter > - InputDataConverter -- This message was sent by Atlassian JIRA (v7.5.0#75005)

8 years, 3 months

1
0
0 / 0

2026

2025

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006

jboss-jira January 2018