+1 for dedicated stack, but not sure if we should name it "default secure stack" as it implies that the other stacks are not secure. 😉
My 2ct on this Best Regards Johannes i...@flyingfischer.ch <i...@flyingfischer.ch> schrieb am Mi., 31. Aug. 2022, 14:20: > Creating a new default secure stack sounds good to me. Thank for > considering. > > As far as I can see there would be 4 additional interceptors in this > secure stack: > > CoepInterceptor.java > CoopInterceptor.java > CspInterceptor.java > FetchMetadataInterceptor.java > > And the appropriate resources used by them: > ResourceIsolationPolicy.java > StrutsResourceIsolationPolicy.java > > Best regards > Markus > > > Am 31.08.22 um 14:11 schrieb Lukasz Lenart: > > I think disabling them doesn't make sense - these are just > > interceptors so you can create your own stack without them. I would > > rather create a new default secure stack and move those interceptors > > into that stack, wdyt? > > > > > > Regards > > --------------------------------------------------------------------- > To unsubscribe, e-mail: dev-unsubscr...@struts.apache.org > For additional commands, e-mail: dev-h...@struts.apache.org > >
