kusalk commented on code in PR #747:
URL: https://github.com/apache/struts/pull/747#discussion_r1338074912
##########
core/src/main/java/org/apache/struts2/StrutsConstants.java:
##########
@@ -234,6 +234,8 @@ public final class StrutsConstants {
/** The name of the parameter to determine whether static field access
will be allowed in OGNL expressions or not */
public static final String STRUTS_ALLOW_STATIC_FIELD_ACCESS =
"struts.ognl.allowStaticFieldAccess";
+ public static final String STRUTS_OGNL_GUARD = "struts.ognlGuard";
Review Comment:
Hmm, the other options that are in the `ognl.` namespace are configuration
options for how OGNL executes. This on the other hand is an extension point for
the bean/interface named `OgnlGuard`.
Up to you, I'm not fussed either way - let me know and I'll rename it :)
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: [email protected]
For queries about this service, please contact Infrastructure at:
[email protected]
