+1 for everything. additional security topics: use TemplateClassResolver.ALLOWS_NOTHING_RESOLVER by default to avoid template injection attacks.
2017-01-12 23:58 GMT+01:00 Daniel Dekany <[email protected]>: > I have collected some further easy changes for FM3... Any comments? > > - Drop FTL classic compatible mode option (Roughly emulates FM1 > behavior at null-s and at some type handling issues) > > - Drop FTL non-strict syntax option (FM1 syntax - that's where you > could write <if x> instead of <#if x>). > > - Drop all the "public static void main(String[] args)" methods (security > concern) > > - Drop freemarker.log. That's a simple log adapter facility from the > ancient times of Java, kind of like commons-logging or slf4j. I > would instead introduce slf4j-api as a required dependency. > > - Drop legacy XML wrapper (freemarker.ext.xml, not to be confused with > freemarker.ext.dom) > > - Drop ant task (freemarker.ext.ant) > > -- > Thanks, > Daniel Dekany > > -- Christoph Rüger, Geschäftsführer Synesty <https://synesty.com/> - Automatisierung, Schnittstellen, Datenfeeds Tel.: +49 3641/559649 Xing: https://www.xing.com/profile/Christoph_Rueger2 LinkedIn: http://www.linkedin.com/pub/christoph-rueger/a/685/198 -- Synesty GmbH Moritz-von-Rohr-Str. 1a 07745 Jena Tel.: +49 3641 559649 Fax.: +49 3641 5596499 Internet: http://synesty.com Geschäftsführer: Christoph Rüger Unternehmenssitz: Jena Handelsregister B beim Amtsgericht: Jena Handelsregister-Nummer: HRB 508766 Ust-IdNr.: DE287564982
