is another authorization bypass in Spring Security. Like CVE-2022-31692 it’s nasty because it allows completely unrestricted access to supposedly protected
Problem with all these is that securitymanager intercepts the actual system.exit. So system.exit never occurs and also not the associated actions like removing temp files. Therefore these methods...
https://www.dontpanicblog.co.uk/2022/10/30/testing-system-exit/#comment-20077
Can xrebel work with SpringBoot3 ,undertow? with IDEA .Actually, I have some problems. Thanks undertow-servlet 2.3.8.Final 2023-11-14 16:42:21.656 XRebel: ERROR Class 'io.undertow.servlet.spec....
https://www.dontpanicblog.co.uk/2014/08/10/xrebel/#comment-19985
Multi module project parent using ${revision} to version. how to release multiple module project without changing each module parent version number. it should use revision properties. Trying Ci f...
https://www.dontpanicblog.co.uk/2011/12/13/maven-release-plugin/#comment-19650
I know this is an old article but one thing, in "Test log4j with a custom appender " you should also call removeAppender in an @After so the appender list doesn't keep growing. It seems harmless ...
https://www.dontpanicblog.co.uk/2018/01/15/test-log4j-with-junit/#comment-18911
The retry pattern is great, many thanks
https://www.dontpanicblog.co.uk/2020/11/28/execute-around-idiom-in-java/#comment-18153
In reply to sreekumar. Working example on GitHub. Here's the full test class: https://github.com/hot...
https://www.dontpanicblog.co.uk/2018/04/29/test-log4j2-with-junit/#comment-17828
in the Apache Commons Text library. Like previous brand-name vulnerabilities Log4Shell and Spring4Shell, it’s a Remote Code Execution (RCE) vulnerability that allows a bad actor to run arbitra...
https://www.dontpanicblog.co.uk/2022/04/04/spring4shell/#comment-17817
In reply to Matt. Could you please share the whole class
https://www.dontpanicblog.co.uk/2018/04/29/test-log4j2-with-junit/#comment-17812
In reply to Steve L. Hi Steve I don't think I've ever tried that and it's been a while since I've ...
https://www.dontpanicblog.co.uk/2017/11/13/validate-jsps-build-time/#comment-17593