[richfaces-issues] [JBoss JIRA] (RF-12813) rich:panelMenuItem executes action even if disabled attribute evaluates to true
Pavol Pitonak (JIRA)
issues at jboss.org
Wed Jan 15 09:37:33 EST 2014
[ https://issues.jboss.org/browse/RF-12813?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Pavol Pitonak closed RF-12813.
------------------------------
I added a reproducer to Metamer (http://localhost:8080/metamer/faces/components/richPanelMenu/rf12813.xhtml).
Verified in 4.3, 4.5 and 5.0.
> rich:panelMenuItem executes action even if disabled attribute evaluates to true
> -------------------------------------------------------------------------------
>
> Key: RF-12813
> URL: https://issues.jboss.org/browse/RF-12813
> Project: RichFaces
> Issue Type: Bug
> Security Level: Public(Everyone can see)
> Components: component-menu
> Affects Versions: 4.3.0.Final
> Reporter: Andrey Zhemoytuk
> Assignee: Brian Leathem
> Labels: needs-qe
> Fix For: 4.3.5, 4.5.0.Alpha2, 5.0.0.Alpha3
>
> Original Estimate: 30 minutes
> Remaining Estimate: 30 minutes
>
> org.richfaces.renderkit.html.PanelMenuItemRenderer#doDecode does not check 'disabled' attribute (how usually do other components before executing action) which may cause security issues.
> Initially reported on:
> http://stackoverflow.com/questions/15130807/richfaces-panelmenuitem-reevaluating-disabled-not-working
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira
More information about the richfaces-issues
mailing list