You may use this in Struts.xml
<constant name="struts.ognl.expressionMaxLength" value="360" />
You need to find you longest OGNL value, discipline yourself to shorten
those, rethink you variable name length or disable this completly
<constant name="struts.ognl.expressionMaxLength" value="" />
Not that much of a convincing approach to improve security, but maybe
better than not. I did not like it at all, but learned to live with it.
Best regards
Markus
Am 25.05.22 um 14:34 schrieb Lukasz Lenart:
śr., 25 maj 2022 o 14:22 Greg Huber <gregh3...@gmail.com> napisał(a):
Would there have been any changes to the validator?
This is now not working:
<validator type="expression">
<param name="expression"><![CDATA[
!( (bean.address.postcode1 == null ||
bean.address.postcode1.trim().length() == 0) and (bean.address.postcode2
!= null && bean.address.postcode2.trim().length() > 0)
|| (bean.address.postcode1 != null &&
bean.address.postcode1.trim().length() > 0) and (bean.address.postcode2
== null || bean.address.postcode2.length() == 0)
)
]]></param>
<message key="postcodes.error.bothpostcodes">unspecified
key</message>
</validator>
OGNL expression max length has been defined by default to 256
characters, the above has 351
https://issues.apache.org/jira/browse/WW-5179
Regards
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscr...@struts.apache.org
For additional commands, e-mail: dev-h...@struts.apache.org
