Skip to content

SPR-8308: OpPlus should convert operand values to String using registered converters #7

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Closed
wants to merge 1 commit into from
Closed

SPR-8308: OpPlus should convert operand values to String using registered converters #7

wants to merge 1 commit into from

Conversation

bedla
Copy link
Contributor

@bedla bedla commented Dec 18, 2011

implementation + unittest

@cbeams
Copy link
Contributor

cbeams commented Feb 2, 2012

@aclement could you take a look at this? I'll assign the JIRA issue to you as well.

@cbeams
Copy link
Contributor

cbeams commented Apr 30, 2012

Ivo, I'm looking at merging this pull request, but need to know that you've signed the SpringSource CLA. Please follow the instructions in the contributor guidelines and let us know you've filled out the form (it's easy and just takes a couple minutes).

Thanks!

@bedla
Copy link
Contributor Author

bedla commented Apr 30, 2012

Hi Chris,
I just signed the agreement as "Ivo Smid", do you want to send generated id?
Best regards
Ivos
Dne 30.4.2012 11:08 "Chris Beams" <
reply@reply.github.com>
napsal(a):

Ivo, I'm looking at merging this pull request, but need to know that
you've signed the SpringSource CLA. Please follow the instructions in the
contributor guidelines
and let us know you've filled out the form (it's easy and just takes a
couple minutes).

Thanks!

Reply to this email directly or view it on GitHub:

#7 (comment)

@cbeams
Copy link
Contributor

cbeams commented Apr 30, 2012

Thanks for the quick response! You don't need to post the generated ID here (but do keep track of it). On any future pull requests, you can just add the following line in a comment:

I have signed and agree to the terms of the SpringSource Individual Contributor License Agreement.

Note that I just updated the contributor guidelines document to make this clear.

cbeams added a commit that referenced this pull request Apr 30, 2012
@cbeams
Merge pull request #7 from bedla/SPR-8308
e85e614 
* SPR-8308:
  Convert SpEL plus operands using reg'd converters
@cbeams
Copy link
Contributor

cbeams commented Apr 30, 2012

This change has been merged, but note that several modifications were necessary:

  • The original commit added OpPlusTest under the old org.springframework.expression module. This has been corrected such that the test lives under the new spring-expression module.
  • OpPlusTest has been renamed to OpPlusTests to follow convention with the rest of the framework.
  • A number of whitespace changes were necessary. Particularly one line had trailing whitespace, which should always be avoided.
  • The @since tag on OpPlusTests was updated from 3.0 to 3.2
  • @author Ivo Smid tag added to OpPlus, as the contribution is significant enough to merit doing so.
  • The commit message was updated to adhere to the contributor guidelines.
  • @code tags now replace <code/> tags in Javadoc.
  • Javadoc now wraps at 90 characters.
  • The new OpPlus#convertTypedValueToString method visibility has been decreased from protected to private. This is to avoid adding new elements to the public API until it is deemed necessary. Users are free to request that this method be opened back up, based on legitimate use cases.

Most of the items above are covered in the contributor guidelines. Please review it completely before future submissions.

Thanks for the contribution, Ivo!

@cbeams cbeams closed this Apr 30, 2012
@bedla
Copy link
Contributor Author

bedla commented Apr 30, 2012

You are welcome :-) Next time I will be more careful to satisfy contributor guidelines.

bclozel added a commit that referenced this pull request Sep 22, 2014
@bclozel
Merge pull request #7 from bclozel/forum
1ca26df 
Update navbar item "Forum" -> "Questions"
This was referenced Jan 11, 2019
Closed
Closed
Closed
@NIKOLAY73731 NIKOLAY73731 mentioned this pull request Oct 3, 2020
Closed
This was referenced May 12, 2021
Closed
Closed
@ppyong ppyong mentioned this pull request Jan 23, 2023
Closed
cesarhernandezgt added a commit to cesarhernandezgt/spring-framework that referenced this pull request Oct 29, 2024
@cesarhernandezgt
Merge pull request spring-projects#7 from cesarhernandezgt/v.4.3.30.R…
0fbb94f 
…ELEASE-TT.x-patch

Backport and fixes for ETag parsing
@carl-HelloWorld carl-HelloWorld mentioned this pull request Dec 18, 2024
Closed
@carl-HelloWorld carl-HelloWorld mentioned this pull request Jan 13, 2025
Closed
Ganeshgautam pushed a commit to atlassian-forks/spring-framework that referenced this pull request May 26, 2025
@ssu2-atl
Merged in issue/VULN-1469905-CVE-2024-38820/databinder-case-sensitive…
3ffaa4e 
…-match-exception (pull request spring-projects#7)

CVE-2024-38820 use Locale.ROOT in DataBinder .toLowerCase instances (VULN-1469905 BBSDEV-32637)

This commit does the minimum change in DataBinder.java to address the CVE (and mimics the code change from the [corresponding spring-framework fix in v6.1.14](spring-projects@23656ae#diff-1f22c41307a3ddcec8f1bc7a237d3b77ac7564883f4c663402993affac8a5756R30-R1162) for consistency with the original spring-framework)

CVE-2024-38820 description: The fix for CVE-2022-22968 made disallowedFields patterns in DataBinder case insensitive. However, String.toLowerCase() has some Locale dependent exceptions that could potentially result in fields not protected as expected.

Approved-by: Tomasz Mrowicki
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@bedla @cbeams