le).
- Hit a URL like this one: http://localhost:8080/myWebapp/crossSiteScriptingAttack/<script>alert('Alert Window')</script>.do

EXPECTED: an error that says: There is no Struts module configuration registered for /crossSiteScriptingAttack/<script>alert('hi')</script>.do (module path /crossSiteScriptingAttack/alert('hi')<).

ACTUAL: an error that says: There is no Struts module configuration registered for /crossSiteScriptingAttack/.do (module path /crossSiteScriptingAttack/alert('hi')<).

...and, the script EXECUTES on the client -- you see a browser alert box that says "hi".

Class DeleteCallback must not assume managed relationships.

There is a portability issue with test case DeleteCallback: The test case assumes that a JDO implementation supports managed relationships, because it deletes instances which are referenced by other instances. Given that the relationships are represented by foreign keys in the database for which the delete rule is specified as RESTRICT, the test will cause errors for JDO implementations which do not support managed relationships, because it does not nullify those references explicitly. In order to make the test case portable, it should explicitly nullify references to all deleted objects first. Afterwards, it should call Query.deletePersistentAll.

Enhancer error message for org/apache/jdo/tck/pc/mylib/PCClass.jdo

From the enhancer log (application identity):
ERROR [JPOX.MetaData] - MetaData Parser encountered an error in file "org/apache/jdo/tck/pc/mylib/PCClass.jdo" at line 20 : Element "class" does not allow "query" here. - Please check your specification of DTD and the validity of the MetaData XML that you have specified.

For datastore identity, it's line 20.

Improve handling of comments notification if invalid email

We should fix that so that it doesn't break if someone doesn't put in a valid formatted email address. -- Allen

Subject: Re: email notification of comments? From: Bruce Geerdes <...
This document was uploaded on 10/12/2012.
- Spring '09