public class SecureIntrospector
extends org.apache.velocity.util.introspection.SecureIntrospectorImpl
SecureIntrospectorImpl
is way too restrictive with allowed Class
methods.Constructor and Description |
---|
SecureIntrospector(String[] badClasses,
String[] badPackages,
org.slf4j.Logger log) |
Modifier and Type | Method and Description |
---|---|
boolean |
checkObjectExecutePermission(Class clazz,
String methodName) |
protected Map<Class,Set<String>> |
getWhitelistedMethods() |
getMethod
protected Map<Class,Set<String>> getWhitelistedMethods()
public boolean checkObjectExecutePermission(Class clazz, String methodName)
checkObjectExecutePermission
in interface org.apache.velocity.util.introspection.SecureIntrospectorControl
checkObjectExecutePermission
in class org.apache.velocity.util.introspection.SecureIntrospectorImpl
Copyright © 2004–2021 XWiki. All rights reserved.