[ofbiz-framework] branch trunk updated: Fixed: impersonateLogin (OFBIZ-5409)

Previous Topic Next Topic
 
classic Classic list List threaded Threaded
1 message Options
Reply | Threaded
Open this post in threaded view
|

[ofbiz-framework] branch trunk updated: Fixed: impersonateLogin (OFBIZ-5409)

jleroux@apache.org
This is an automated email from the ASF dual-hosted git repository.

jleroux pushed a commit to branch trunk
in repository https://gitbox.apache.org/repos/asf/ofbiz-framework.git


The following commit(s) were added to refs/heads/trunk by this push:
     new d5f19e3  Fixed: impersonateLogin (OFBIZ-5409)
d5f19e3 is described below

commit d5f19e356007695e94f4470bc418a0cd77cf18ac
Author: Jacques Le Roux <[hidden email]>
AuthorDate: Tue Feb 4 15:35:40 2020 +0100

    Fixed: impersonateLogin
    (OFBIZ-5409)
   
    I reopended this old issue because, while working on  OFBIZ-11329, I found that
    userLogin and impersonateLogin should be removed from
    jsonResponseFromRequestAttributes
   
    Thanks: James Yong for pointing that out
---
 .../common/src/main/java/org/apache/ofbiz/common/CommonEvents.java  | 6 ++++--
 1 file changed, 4 insertions(+), 2 deletions(-)

diff --git a/framework/common/src/main/java/org/apache/ofbiz/common/CommonEvents.java b/framework/common/src/main/java/org/apache/ofbiz/common/CommonEvents.java
index 2d977b8..2135444 100644
--- a/framework/common/src/main/java/org/apache/ofbiz/common/CommonEvents.java
+++ b/framework/common/src/main/java/org/apache/ofbiz/common/CommonEvents.java
@@ -63,7 +63,7 @@ public class CommonEvents {
 
     public static final String module = CommonEvents.class.getName();
 
-    private static final String[] ignoreAttrs = new String[] { // Attributes removed for security reason; _ERROR_MESSAGE_ is kept
+    private static final String[] ignoreAttrs = new String[] { // Attributes removed for security reason; _ERROR_MESSAGE_ and _ERROR_MESSAGE_LIST are kept
         "javax.servlet.request.key_size",
         "_CONTEXT_ROOT_",
         "_FORWARDED_FROM_SERVLET_",
@@ -75,7 +75,9 @@ public class CommonEvents {
         "_SERVER_ROOT_URL_",
         "_CONTROL_PATH_",
         "thisRequestUri",
-        "org.apache.tomcat.util.net.secure_protocol_version"
+        "org.apache.tomcat.util.net.secure_protocol_version",
+        "userLogin",
+        "impersonateLogin"
     };
 
     /** Simple event to set the users per-session locale setting. The user's locale