some simple testing shows that the field value is simply evaluated...
try to put on a struts textfield %{1+1} submit and you'll get "2" on
the field...
Cool but don't think it should be the default behaviour.
What constructs can trigger recursion ?
Il giorno 05/lug/07, alle ore 14:00, Andrea ha scritto:
Antonio Petrelli <antonio.petrelli <at> gmail.com> writes:
Hi all,
Andrea Vettori, in the Struts Users mailing list, probably discovered
a possible Denial-Of-Service bug in Struts 2.
The cause could be XWork.
Hi,
furthermore I'd like to know if there are other "values" that can
trigger the
problem.
Since I don't think that normal users of my site use that kind of
password,
I'm looking for whatever has triggered the problem about once a day
on my
e-commerce site...
I've tried to follow the source of various classes but it's all new
to me so I'm
a bit lost.
Thanks
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
--
Ing. Andrea Vettori
Consulente per l'Information Technology
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
