2014-12-03 3:14 GMT+01:00 Joseph Walton <jwal...@atlassian.com>: > The workaround (copying struts.excludedClasses across from the defaults and > removing java.lang.Class) works for me for now. I'll consider this another > warning about static methods going away rather than looking at a fix or > opening a WW. > > This might be worth a note in the release notes, for anyone else still > using struts.ognl.allowStaticMethodAccess.
I've extended Security page (which is referenced on the Version notes) https://cwiki.apache.org/confluence/display/WW/Security#Security-Accessingstaticmethods Regards -- Ćukasz + 48 606 323 122 http://www.lenart.org.pl/ --------------------------------------------------------------------- To unsubscribe, e-mail: dev-unsubscr...@struts.apache.org For additional commands, e-mail: dev-h...@struts.apache.org
