I am not familiar with the Run As options of the IDE as I use
command line for such tasks, but basically you are expected to create
a war file and deploy it to your container when something changes.
Personally I am using the mvn jetty plugin and Jrebel (when doing open
source work) for that.
Can
This is a well know problem with Eclipse - it stop deploying new
version at some point. Try to Clean and Deploy (that how it was in
NetBeans - I don't have Eclipse)
Regards
--
Łukasz
+ 48 606 323 122 http://www.lenart.org.pl/
Sorry, what do you mean with Submit class?
Use case is simple login. The exception is thrown when the form does not pass
validation and results in input.
Displayed s:actionmessage / is:
Developer Notification (set struts.devMode to false to disable this message):
Unexpected Exception caught
Anyone read this?
http://java.dzone.com/articles/was-struts-responsible-apples
How we handle this?
F
I read that. I don't think we should do anything.
The blog post is speculative. Nobody from Apple did tell us if it was
really a Struts problem or not. If it is, then well, we can't do
anything. This doesn't make Struts a dangerous framework at all, it
just highlights you should update when your
Any apple guy here?
I.just want to.know.how.struts.use there.
I just know they use .action means struts apps.
On Jul 31, 2013 7:22 PM, Christian Grobmeier grobme...@gmail.com wrote:
I read that. I don't think we should do anything.
The blog post is speculative. Nobody from Apple did tell us
I browsed through apple site i could not find any clue that it was made in
struts, can you please let me know how did the hacker recognized that it
was developed in struts, secondly how could he exactly hiek , sorry if this
is out of scope for this forum
On Wed, Jul 31, 2013 at 6:08 PM, Frans
Hi Vicky,
the .action by itself in the Urls is a good hint. Furthermore, if you check
the html source you'll probably find struts written somewhere e.g., dojodivs
Antonios
On 31 July 2013 14:04, vicky b vickyb2...@gmail.com wrote:
I browsed through apple site i could not find any clue that
I read through the blog i confused at this statement
n Struts 2 before 2.3.15.1 the information following action:,
redirect: or redirectAction: is not properly sanitized. Since said
information will be evaluated as OGNL expression against the value stack,
this introduces the possibility to inject
You can't rely on anyone's code for security, not a .jar, not struts, not
anything.
To guarantee security you need to go through every single entry point and fuzz
it yourself. This is a major pain and headache and only .001% of devs do this
but don't blame the developers that are providing a
The blog post is speculative, but the Hacker News post was by Patrick
Lightbody, a WW founder. I'm not convinced OGNL itself is the issue, but
rather its unfettered access into internals. An intermediate, sandbox-y
layer might resolve that.
Dave
On Jul 31, 2013 8:22 AM, Christian Grobmeier
On Jul 31, 2013, at 9:25 AM, Dave Newton davelnew...@gmail.com wrote:
I'm not convinced OGNL itself is the issue, but
rather its unfettered access into internals. An intermediate, sandbox-y
layer might resolve that.
It's only partially what data ognl can fetch/modify, it's also what it can do.
Frans
if you want to throw darts at Frameworks Im amazed that nobody mentioned the
vulnerability from Struts Ajax Framework Rival
IceFaces IntervalRenderer not supporting isUserInRole()
https://www.owasp.org/index.php/Java_Server_Faces
(you can integrate ACEGI but that's an afterthought)
I'll voice my personal opinion.
No matter what framework you choose (Struts, MyFaces, Tapestry, etc.), it
is the responsibility of all IT shops to do a security vulnerability
assessment before first releasing to production and after each update. That
is Security 101 because there are multitude of
Hi Struts users,
I am having problems migrating from version 2.3.1.2 to version
2.3.15.1. This upgrade seems pretty important as it fixes a known
security issue.
The problem I am having is the that apparently, I can no longer
check if a property has been
We just discovered that if a MapString,String gets passed to a select-tag
where the entry's key/value pair are MULTIPLE/MULTIPLE that the
option's value attribute contains MULTIPLE as one would have expected, but
the body of the option-tag is empty as seen here
option
Forgot to say: theme is default.
El Miércoles, 31 de julio de 2013 11:07:42 usted escribió:
Sorry, what do you mean with Submit class?
Use case is simple login. The exception is thrown when the form does not pass
validation and results in input.
Displayed s:actionmessage / is:
Developer
At logging out, session is invalidated and redirected page is displayed in
default language.
Say: default language: Spanish; current language: English; logging out and
resulted page is in Spanish, but should be English. .
This is not working (code in action class):
public String
The closeSession redirects to a new page? In that case the setLocale is
lost (it only lives during the request) and the new local is picked up from
the browser language, or from the default language you have setup.
2013/7/31 Antonio Sánchez juntandolin...@gmail.com
At logging out, session is
2013/7/31 Antonio Sánchez juntandolin...@gmail.com:
At logging out, session is invalidated and redirected page is displayed in
default language.
Say: default language: Spanish; current language: English; logging out and
resulted page is in Spanish, but should be English. .
This is not
20 matches
Mail list logo