[jira] [Updated] (WW-1691) TokenActionInterceptor - token functionality from a text link

2016-01-10 Thread Lukasz Lenart (JIRA)

 [ 
https://issues.apache.org/jira/browse/WW-1691?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Lukasz Lenart updated WW-1691:
--
Fix Version/s: (was: 3.0)
   2.5

> TokenActionInterceptor - token functionality from a text link
> -
>
> Key: WW-1691
> URL: https://issues.apache.org/jira/browse/WW-1691
> Project: Struts 2
>  Issue Type: Improvement
>Affects Versions: 2.0.4
>Reporter: tm_jee
> Fix For: 2.5
>
> Attachments: TokenActionInterceptor.java, TokenHelper.java
>
>
> might want to look into this [1]
> [1] - http://jira.opensymphony.com/browse/WW-1421



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)


[jira] [Commented] (WW-4348) Remove access to static methods

2016-01-10 Thread Lukasz Lenart (JIRA)

[ 
https://issues.apache.org/jira/browse/WW-4348?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15091051#comment-15091051
 ] 

Lukasz Lenart commented on WW-4348:
---

Nope, by defining 
{code:xml}

{code}
you'll enable access to static methods, setting {{false}} it'll be disabled. 
But access to static methods was very often used as a hacker's attack vector on 
users' applications. See PoC here http://struts.apache.org/docs/s2-009.html

> Remove access to static methods
> ---
>
> Key: WW-4348
> URL: https://issues.apache.org/jira/browse/WW-4348
> Project: Struts 2
>  Issue Type: Improvement
>  Components: Core Actions
>Affects Versions: 2.3.16.3
>Reporter: Lukasz Lenart
>Priority: Critical
> Fix For: 2.5
>
>




--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
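A defender's check for the setting discussed in the comment above, as an added example (not code from the Struts project or from this thread): it scans `struts.xml` and `struts.properties` content for `struts.ognl.allowStaticMethodAccess` explicitly set to `true`. The `<constant>` element form, the file contents and the function names are assumptions constructed for illustration, since the XML in the comment did not survive in this archive.

```python
import re
import xml.etree.ElementTree as ET

# Constant name as quoted in the thread.
CONSTANT = "struts.ognl.allowStaticMethodAccess"

# Constructed sample files (not taken from the thread or any real application).
SAMPLE_STRUTS_XML = """<!DOCTYPE struts PUBLIC
    "-//Apache Software Foundation//DTD Struts Configuration 2.3//EN"
    "http://struts.apache.org/dtds/struts-2.3.dtd">
<struts>
    <constant name="struts.devMode" value="false"/>
    <constant name="struts.ognl.allowStaticMethodAccess" value="true"/>
    <package name="default" extends="struts-default"/>
</struts>
"""

SAMPLE_PROPERTIES = """\
# struts.properties
struts.i18n.encoding = UTF-8
struts.ognl.allowStaticMethodAccess = false
"""

# key, optional '=' or ':' separator, value (simplified .properties syntax:
# no line continuations or escaped separators).
_PROP_LINE = re.compile(r"\s*([^\s=:]+)\s*[=:]?\s*(.*)")


def values_in_struts_xml(text):
    """Return every value given to CONSTANT by <constant> elements, in order."""
    # ElementTree does not fetch the external DTD named in the DOCTYPE.
    root = ET.fromstring(text)
    return [el.get("value", "") for el in root.iter("constant")
            if el.get("name") == CONSTANT]


def values_in_properties(text):
    """Return every value given to CONSTANT in .properties-style text."""
    values = []
    for line in text.splitlines():
        stripped = line.strip()
        if not stripped or stripped[0] in "#!":  # blank line or comment
            continue
        match = _PROP_LINE.match(stripped)
        if match and match.group(1) == CONSTANT:
            values.append(match.group(2).strip())
    return values


def audit(sources):
    """sources: iterable of (label, kind, text), kind is 'xml' or 'properties'.

    Returns a list of (label, value) for each place that enables static
    method access, i.e. sets the constant to 'true' (case-insensitive).
    """
    findings = []
    for label, kind, text in sources:
        if kind == "xml":
            values = values_in_struts_xml(text)
        else:
            values = values_in_properties(text)
        for value in values:
            if value.strip().lower() == "true":
                findings.append((label, value))
    return findings


if __name__ == "__main__":
    results = audit([
        ("struts.xml", "xml", SAMPLE_STRUTS_XML),
        ("struts.properties", "properties", SAMPLE_PROPERTIES),
    ])
    for label, value in results:
        print(f"{label}: {CONSTANT}={value} (static method access enabled)")
```
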


[jira] [Reopened] (WW-4582) adds 'class' to exclude params in ParametersInterceptor (avoid ClassLoader manipulation)

2016-01-10 Thread victorsosa (JIRA)

 [ 
https://issues.apache.org/jira/browse/WW-4582?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

victorsosa reopened WW-4582:


> adds 'class' to exclude params in ParametersInterceptor (avoid ClassLoader 
> manipulation)
> 
>
> Key: WW-4582
> URL: https://issues.apache.org/jira/browse/WW-4582
> Project: Struts 2
>  Issue Type: Bug
>  Components: Core Interceptors
>Affects Versions: 2.3.24
>Reporter: victorsosa
>Assignee: Lukasz Lenart
>Priority: Critical
>  Labels: security
> Fix For: 2.3.25, 2.5
>
>
> Hi, 
> This is a permanent patch for security issue CVE-2014-0094; this adds 'class' 
> to exclude params in ParametersInterceptor (avoid ClassLoader manipulation)
> This is based on the information in S2-020.
> This also closes CVE-2014-0112, CVE-2014-0113 and CVE-2014-0116.





[jira] [Resolved] (WW-4582) adds 'class' to exclude params in ParametersInterceptor (avoid ClassLoader manipulation)

2016-01-10 Thread victorsosa (JIRA)

 [ 
https://issues.apache.org/jira/browse/WW-4582?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

victorsosa resolved WW-4582.

Resolution: Won't Fix

> adds 'class' to exclude params in ParametersInterceptor (avoid ClassLoader 
> manipulation)
> 
>
> Key: WW-4582
> URL: https://issues.apache.org/jira/browse/WW-4582
> Project: Struts 2
>  Issue Type: Bug
>  Components: Core Interceptors
>Affects Versions: 2.3.24
>Reporter: victorsosa
>Assignee: Lukasz Lenart
>Priority: Critical
>  Labels: security
> Fix For: 2.3.25, 2.5
>
>
> Hi, 
> This is a permanent patch for security issue CVE-2014-0094; this adds 'class' 
> to exclude params in ParametersInterceptor (avoid ClassLoader manipulation)
> This is based on the information in S2-020.
> This also closes CVE-2014-0112, CVE-2014-0113 and CVE-2014-0116.





[jira] [Updated] (WW-3726) Remove deprecated methods from ActionProxyFactory

2016-01-10 Thread Lukasz Lenart (JIRA)

 [ 
https://issues.apache.org/jira/browse/WW-3726?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Lukasz Lenart updated WW-3726:
--
Fix Version/s: (was: 3.0)
   2.5

> Remove deprecated methods from ActionProxyFactory
> -
>
> Key: WW-3726
> URL: https://issues.apache.org/jira/browse/WW-3726
> Project: Struts 2
>  Issue Type: Improvement
>Reporter: Lukasz Lenart
> Fix For: 2.5
>
>






[jira] [Resolved] (WW-3726) Remove deprecated methods from ActionProxyFactory

2016-01-10 Thread Lukasz Lenart (JIRA)

 [ 
https://issues.apache.org/jira/browse/WW-3726?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Lukasz Lenart resolved WW-3726.
---
Resolution: Fixed

You are right, thanks!

> Remove deprecated methods from ActionProxyFactory
> -
>
> Key: WW-3726
> URL: https://issues.apache.org/jira/browse/WW-3726
> Project: Struts 2
>  Issue Type: Improvement
>Reporter: Lukasz Lenart
> Fix For: 2.5
>
>






[jira] [Commented] (WW-4348) Remove access to static methods

2016-01-10 Thread victorsosa (JIRA)

[ 
https://issues.apache.org/jira/browse/WW-4348?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15091046#comment-15091046
 ] 

victorsosa commented on WW-4348:


So can I just add 



into the config file so it starts running the check?

> Remove access to static methods
> ---
>
> Key: WW-4348
> URL: https://issues.apache.org/jira/browse/WW-4348
> Project: Struts 2
>  Issue Type: Improvement
>  Components: Core Actions
>Affects Versions: 2.3.16.3
>Reporter: Lukasz Lenart
>Priority: Critical
> Fix For: 2.5
>
>






[jira] [Commented] (WW-4568) Upgrade Tiles 2 to latest available Tiles 2 version

2016-01-10 Thread ASF subversion and git services (JIRA)

[ 
https://issues.apache.org/jira/browse/WW-4568?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15090988#comment-15090988
 ] 

ASF subversion and git services commented on WW-4568:
-

Commit 997966829ae3bac1bf490daf30e56415aa84aec5 in struts's branch 
refs/heads/support-2-3 from [~lukaszlenart]
[ https://git-wip-us.apache.org/repos/asf?p=struts.git;h=9979668 ]

WW-4568 Upgrades the Tiles plugin to Tiles 2


> Upgrade Tiles 2 to latest available Tiles 2 version
> ---
>
> Key: WW-4568
> URL: https://issues.apache.org/jira/browse/WW-4568
> Project: Struts 2
>  Issue Type: Improvement
>  Components: Plugin - Tiles
>Affects Versions: 2.3.24
>Reporter: Lukasz Lenart
>Assignee: Lukasz Lenart
> Fix For: 2.3.25
>
>






[jira] [Commented] (WW-4568) Upgrade Tiles 2 to latest available Tiles 2 version

2016-01-10 Thread ASF GitHub Bot (JIRA)

[ 
https://issues.apache.org/jira/browse/WW-4568?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15090989#comment-15090989
 ] 

ASF GitHub Bot commented on WW-4568:


Github user asfgit closed the pull request at:

https://github.com/apache/struts/pull/60


> Upgrade Tiles 2 to latest available Tiles 2 version
> ---
>
> Key: WW-4568
> URL: https://issues.apache.org/jira/browse/WW-4568
> Project: Struts 2
>  Issue Type: Improvement
>  Components: Plugin - Tiles
>Affects Versions: 2.3.24
>Reporter: Lukasz Lenart
>Assignee: Lukasz Lenart
> Fix For: 2.3.25
>
>






[jira] [Resolved] (WW-4582) adds 'class' to exclude params in ParametersInterceptor (avoid ClassLoader manipulation)

2016-01-10 Thread victorsosa (JIRA)

 [ 
https://issues.apache.org/jira/browse/WW-4582?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

victorsosa resolved WW-4582.

Resolution: Fixed

NO patch really needed

> adds 'class' to exclude params in ParametersInterceptor (avoid ClassLoader 
> manipulation)
> 
>
> Key: WW-4582
> URL: https://issues.apache.org/jira/browse/WW-4582
> Project: Struts 2
>  Issue Type: Bug
>  Components: Core Interceptors
>Affects Versions: 2.3.24
>Reporter: victorsosa
>Assignee: Lukasz Lenart
>Priority: Critical
>  Labels: security
> Fix For: 2.3.25, 2.5
>
>
> Hi, 
> This is a permanent patch for security issue CVE-2014-0094; this adds 'class' 
> to exclude params in ParametersInterceptor (avoid ClassLoader manipulation)
> This is based on the information in S2-020.
> This also closes CVE-2014-0112, CVE-2014-0113 and CVE-2014-0116.





[jira] [Commented] (WW-4348) Remove access to static methods

2016-01-10 Thread victorsosa (JIRA)

[ 
https://issues.apache.org/jira/browse/WW-4348?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15091016#comment-15091016
 ] 

victorsosa commented on WW-4348:


This is already implemented, please check 
com.opensymphony.xwork2.ognl.OgnlUtil.setAllowStaticMethodAccess(String)

you only need to set "struts.ognl.allowStaticMethodAccess" true

> Remove access to static methods
> ---
>
> Key: WW-4348
> URL: https://issues.apache.org/jira/browse/WW-4348
> Project: Struts 2
>  Issue Type: Improvement
>  Components: Core Actions
>Affects Versions: 2.3.16.3
>Reporter: Lukasz Lenart
>Priority: Critical
> Fix For: 2.5
>
>






[jira] [Comment Edited] (WW-4348) Remove access to static methods

2016-01-10 Thread victorsosa (JIRA)

[ 
https://issues.apache.org/jira/browse/WW-4348?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15091016#comment-15091016
 ] 

victorsosa edited comment on WW-4348 at 1/10/16 12:45 PM:
--

This is already implemented, please check 
com.opensymphony.xwork2.ognl.OgnlUtil.setAllowStaticMethodAccess(String)

you only need to set "struts.ognl.allowStaticMethodAccess" true




was (Author: victorsosa):
This is already implemented, please check 
com.opensymphony.xwork2.ognl.OgnlUtil.setAllowStaticMethodAccess(String)

you only need to set "struts.ognl.allowStaticMethodAccess" true

> Remove access to static methods
> ---
>
> Key: WW-4348
> URL: https://issues.apache.org/jira/browse/WW-4348
> Project: Struts 2
>  Issue Type: Improvement
>  Components: Core Actions
>Affects Versions: 2.3.16.3
>Reporter: Lukasz Lenart
>Priority: Critical
> Fix For: 2.5
>
>






[jira] [Commented] (WW-4348) Remove access to static methods

2016-01-10 Thread victorsosa (JIRA)

[ 
https://issues.apache.org/jira/browse/WW-4348?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15091053#comment-15091053
 ] 

victorsosa commented on WW-4348:


OK, so it needs to be false

> Remove access to static methods
> ---
>
> Key: WW-4348
> URL: https://issues.apache.org/jira/browse/WW-4348
> Project: Struts 2
>  Issue Type: Improvement
>  Components: Core Actions
>Affects Versions: 2.3.16.3
>Reporter: Lukasz Lenart
>Priority: Critical
> Fix For: 2.5
>
>






[jira] [Commented] (WW-4582) adds 'class' to exclude params in ParametersInterceptor (avoid ClassLoader manipulation)

2016-01-10 Thread ASF GitHub Bot (JIRA)

[ 
https://issues.apache.org/jira/browse/WW-4582?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15090981#comment-15090981
 ] 

ASF GitHub Bot commented on WW-4582:


Github user lukaszlenart commented on the pull request:

https://github.com/apache/struts/pull/70#issuecomment-170334397
  
Also, based on a report from a user, I have added this 
74e26830d2849a84729b33497f729e0f033dc147 - this is almost the same as yours but 
it is based on a real-life example :)


> adds 'class' to exclude params in ParametersInterceptor (avoid ClassLoader 
> manipulation)
> 
>
> Key: WW-4582
> URL: https://issues.apache.org/jira/browse/WW-4582
> Project: Struts 2
>  Issue Type: Bug
>  Components: Core Interceptors
>Affects Versions: 2.3.24
>Reporter: victorsosa
>Assignee: Lukasz Lenart
>Priority: Critical
>  Labels: security
> Fix For: 2.3.25, 2.5
>
>
> Hi, 
> This is a permanent patch for security issue CVE-2014-0094; this adds 'class' 
> to exclude params in ParametersInterceptor (avoid ClassLoader manipulation)
> This is based on the information in S2-020.
> This also closes CVE-2014-0112, CVE-2014-0113 and CVE-2014-0116.





[jira] [Commented] (WW-4348) Remove access to static methods

2016-01-10 Thread Lukasz Lenart (JIRA)

[ 
https://issues.apache.org/jira/browse/WW-4348?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15091045#comment-15091045
 ] 

Lukasz Lenart commented on WW-4348:
---

Yes, the idea is to drop such functionality because it's a source of many 
security vulnerabilities.

> Remove access to static methods
> ---
>
> Key: WW-4348
> URL: https://issues.apache.org/jira/browse/WW-4348
> Project: Struts 2
>  Issue Type: Improvement
>  Components: Core Actions
>Affects Versions: 2.3.16.3
>Reporter: Lukasz Lenart
>Priority: Critical
> Fix For: 2.5
>
>






[jira] [Commented] (WW-3364) Using convertors in JSON serialization

2016-01-10 Thread Lukasz Lenart (JIRA)

[ 
https://issues.apache.org/jira/browse/WW-3364?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15090985#comment-15090985
 ] 

Lukasz Lenart commented on WW-3364:
---

I think it's two different things - JSON plugin and REST plugin

> Using convertors in JSON serialization
> --
>
> Key: WW-3364
> URL: https://issues.apache.org/jira/browse/WW-3364
> Project: Struts 2
>  Issue Type: Improvement
>  Components: Plugin - JSON
>Affects Versions: 2.1.8
>Reporter: Rahul Mohan
> Fix For: 2.5
>
>
> The bundled JSON plugin does not use registered convertors for data 
> conversion. This seriously affects the implementation of gracefully degrading 
> ajax apps.





[jira] [Updated] (WW-3364) Using convertors in JSON serialization

2016-01-10 Thread Lukasz Lenart (JIRA)

 [ 
https://issues.apache.org/jira/browse/WW-3364?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Lukasz Lenart updated WW-3364:
--
Component/s: Plugin - JSON

> Using convertors in JSON serialization
> --
>
> Key: WW-3364
> URL: https://issues.apache.org/jira/browse/WW-3364
> Project: Struts 2
>  Issue Type: Improvement
>  Components: Plugin - JSON
>Affects Versions: 2.1.8
>Reporter: Rahul Mohan
> Fix For: 2.5
>
>
> The bundled JSON plugin does not use registered convertors for data 
> conversion. This seriously affects the implementation of gracefully degrading 
> ajax apps.





[jira] [Updated] (WW-3364) Using convertors in JSON serialization

2016-01-10 Thread Lukasz Lenart (JIRA)

 [ 
https://issues.apache.org/jira/browse/WW-3364?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Lukasz Lenart updated WW-3364:
--
Fix Version/s: (was: 2.5)
   2.5.x

> Using convertors in JSON serialization
> --
>
> Key: WW-3364
> URL: https://issues.apache.org/jira/browse/WW-3364
> Project: Struts 2
>  Issue Type: Improvement
>  Components: Plugin - JSON
>Affects Versions: 2.1.8
>Reporter: Rahul Mohan
> Fix For: 2.5.x
>
>
> The bundled JSON plugin does not use registered convertors for data 
> conversion. This seriously affects the implementation of gracefully degrading 
> ajax apps.





[jira] [Commented] (WW-4582) adds 'class' to exclude params in ParametersInterceptor (avoid ClassLoader manipulation)

2016-01-10 Thread ASF GitHub Bot (JIRA)

[ 
https://issues.apache.org/jira/browse/WW-4582?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15090997#comment-15090997
 ] 

ASF GitHub Bot commented on WW-4582:


Github user victorsosa closed the pull request at:

https://github.com/apache/struts/pull/70


> adds 'class' to exclude params in ParametersInterceptor (avoid ClassLoader 
> manipulation)
> 
>
> Key: WW-4582
> URL: https://issues.apache.org/jira/browse/WW-4582
> Project: Struts 2
>  Issue Type: Bug
>  Components: Core Interceptors
>Affects Versions: 2.3.24
>Reporter: victorsosa
>Assignee: Lukasz Lenart
>Priority: Critical
>  Labels: security
> Fix For: 2.3.25, 2.5
>
>
> Hi, 
> This is a permanent patch for security issue CVE-2014-0094; this adds 'class' 
> to exclude params in ParametersInterceptor (avoid ClassLoader manipulation)
> This is based on the information in S2-020.
> This also closes CVE-2014-0112, CVE-2014-0113 and CVE-2014-0116.





[jira] [Commented] (WW-4582) adds 'class' to exclude params in ParametersInterceptor (avoid ClassLoader manipulation)

2016-01-10 Thread ASF GitHub Bot (JIRA)

[ 
https://issues.apache.org/jira/browse/WW-4582?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15090996#comment-15090996
 ] 

ASF GitHub Bot commented on WW-4582:


Github user victorsosa commented on the pull request:

https://github.com/apache/struts/pull/70#issuecomment-170337968
  
ok, PR closed


> adds 'class' to exclude params in ParametersInterceptor (avoid ClassLoader 
> manipulation)
> 
>
> Key: WW-4582
> URL: https://issues.apache.org/jira/browse/WW-4582
> Project: Struts 2
>  Issue Type: Bug
>  Components: Core Interceptors
>Affects Versions: 2.3.24
>Reporter: victorsosa
>Assignee: Lukasz Lenart
>Priority: Critical
>  Labels: security
> Fix For: 2.3.25, 2.5
>
>
> Hi, 
> This is a permanent patch for security issue CVE-2014-0094; this adds 'class' 
> to exclude params in ParametersInterceptor (avoid ClassLoader manipulation)
> This is based on the information in S2-020.
> This also closes CVE-2014-0112, CVE-2014-0113 and CVE-2014-0116.





[jira] [Commented] (WW-3364) Using convertors in JSON serialization

2016-01-10 Thread victorsosa (JIRA)

[ 
https://issues.apache.org/jira/browse/WW-3364?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15091002#comment-15091002
 ] 

victorsosa commented on WW-3364:


Yep, you are right

> Using convertors in JSON serialization
> --
>
> Key: WW-3364
> URL: https://issues.apache.org/jira/browse/WW-3364
> Project: Struts 2
>  Issue Type: Improvement
>  Components: Plugin - JSON
>Affects Versions: 2.1.8
>Reporter: Rahul Mohan
> Fix For: 2.5.x
>
>
> The bundled JSON plugin does not use registered convertors for data 
> conversion. This seriously affects the implementation of gracefully degrading 
> ajax apps.





[jira] [Comment Edited] (WW-4348) Remove access to static methods

2016-01-10 Thread Lukasz Lenart (JIRA)

[ 
https://issues.apache.org/jira/browse/WW-4348?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15091051#comment-15091051
 ] 

Lukasz Lenart edited comment on WW-4348 at 1/10/16 2:00 PM:


Nope, by defining 
{code:xml}

{code}
you'll enable access to static methods, setting {{false}} it'll be disabled. 
But access to static methods was very often used as a hacker's attack vector on 
users' applications. See PoC here http://struts.apache.org/docs/s2-009.html


was (Author: lukaszlenart):
Nope, by defining 
{code:xml}

{code}
you'll enable access to static methods, setting {{false}} it'll be disabled. 
But access to static methods was very often use as a hacker's attack vector on 
users' applications. See PoC here http://struts.apache.org/docs/s2-009.html

> Remove access to static methods
> ---
>
> Key: WW-4348
> URL: https://issues.apache.org/jira/browse/WW-4348
> Project: Struts 2
>  Issue Type: Improvement
>  Components: Core Actions
>Affects Versions: 2.3.16.3
>Reporter: Lukasz Lenart
>Priority: Critical
> Fix For: 2.5
>
>






[jira] [Commented] (WW-4582) adds 'class' to exclude params in ParametersInterceptor (avoid ClassLoader manipulation)

2016-01-10 Thread ASF GitHub Bot (JIRA)

[ 
https://issues.apache.org/jira/browse/WW-4582?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15090977#comment-15090977
 ] 

ASF GitHub Bot commented on WW-4582:


Github user lukaszlenart commented on the pull request:

https://github.com/apache/struts/pull/70#issuecomment-170333869
  
This isn't really needed as access to `Class` is blocked for any Ognl 
expression, see [Internal Security 
Mechanism](http://struts.apache.org/docs/security.html#Security-Internalsecuritymechanism)


> adds 'class' to exclude params in ParametersInterceptor (avoid ClassLoader 
> manipulation)
> 
>
> Key: WW-4582
> URL: https://issues.apache.org/jira/browse/WW-4582
> Project: Struts 2
>  Issue Type: Bug
>  Components: Core Interceptors
>Affects Versions: 2.3.24
>Reporter: victorsosa
>Assignee: Lukasz Lenart
>Priority: Critical
>  Labels: security
> Fix For: 2.3.25, 2.5
>
>
> Hi, 
> This is a permanent patch for security issue CVE-2014-0094; this adds 'class' 
> to exclude params in ParametersInterceptor (avoid ClassLoader manipulation)
> This is based on the information in S2-020.
> This also closes CVE-2014-0112, CVE-2014-0113 and CVE-2014-0116.





[jira] [Resolved] (WW-1691) TokenActionInterceptor - token functionality from a text link

2016-01-10 Thread Lukasz Lenart (JIRA)

 [ 
https://issues.apache.org/jira/browse/WW-1691?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Lukasz Lenart resolved WW-1691.
---
Resolution: Implemented

Probably yes, and the patch is very old and not compatible with the current 
implementation

> TokenActionInterceptor - token functionality from a text link
> -
>
> Key: WW-1691
> URL: https://issues.apache.org/jira/browse/WW-1691
> Project: Struts 2
>  Issue Type: Improvement
>Affects Versions: 2.0.4
>Reporter: tm_jee
> Fix For: 2.5
>
> Attachments: TokenActionInterceptor.java, TokenHelper.java
>
>
> might want to look into this [1]
> [1] - http://jira.opensymphony.com/browse/WW-1421





[jira] [Comment Edited] (WW-3262) improve wildcard to support regular expressions

2016-01-10 Thread Lukasz Lenart (JIRA)

[ 
https://issues.apache.org/jira/browse/WW-3262?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15087713#comment-15087713
 ] 

Lukasz Lenart edited comment on WW-3262 at 1/10/16 11:06 AM:
-

Based on JSR-339:

Template parameters can optionally specify the regular expression used to match 
their values.  The default value matches any text and terminates at the end of 
a path segment but other values can be used to alter this behavior, e.g.:

{code:java}
@Path("widgets/{path:.+}")
public class Widget {
    ...
}
{code}

In the above example the Widget resource class will be matched for any request 
whose path starts with widgets and contains at least one more path segment; the 
value of the path parameter will be the request path following widgets. E.g. 
given the request path widgets/small/a the value of path would be small/a.


Shouldn't this be implemented as part of the REST plugin???




was (Author: victorsosa):
Based on JSR-339:

Template parameters can optionally specify the regular expression used to match 
their values.  The default value matches any text and terminates at the end of 
a path segment but other values can be used to alter this behavior, e.g.:

@Path("widgets/{path:.+}")

public class Widget {

...

}

In the above example the Widget resource class will be matched for any request 
whose path starts with widgets and contains at least one more path segment; the 
value of the path parameter will be the request path following widgets. E.g. 
given the request path widgets/small/a the value of path would be small/a.


Shouldn't this be implemented as part of the REST plugin???



> improve wildcard to support regular expressions
> ---
>
> Key: WW-3262
> URL: https://issues.apache.org/jira/browse/WW-3262
> Project: Struts 2
>  Issue Type: Improvement
>Affects Versions: 2.1.8
>Reporter: musachy
> Fix For: 3.0
>
>
> The regular expressions will follow the syntax of JAX-RS. They can be like 
> {PARAM_NAME} or {PARAM_NAME:REGEX}. For example:
>
>class="org.apache.struts2.showcase.UITagExample">
>   /tags/ui/example.jsp
>   
>   
>   
>   
>class="org.apache.struts2.showcase.UITagExample">
>   /tags/ui/example.jsp
>   
>class="org.apache.struts2.showcase.UITagExample">
>   /tags/ui/{1}.jsp
>   
>   





[jira] [Updated] (WW-3262) improve wildcard to support regular expressions

2016-01-10 Thread Lukasz Lenart (JIRA)

 [ 
https://issues.apache.org/jira/browse/WW-3262?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Lukasz Lenart updated WW-3262:
--
Description: 
The regular expressions will follow the syntax of JAX-RS. They can be like 
{{\{PARAM_NAME\}}} or {{\{PARAM_NAME:REGEX\}}}. For example:
{code:xml}
   

/tags/ui/example.jsp





/tags/ui/example.jsp


/tags/ui/{1}.jsp


{code}

  was:
The regular expressions will follow the syntax of JAX-RS. They can be like 
{PARAM_NAME} or {PARAM_NAME:REGEX}. For example:

   

/tags/ui/example.jsp





/tags/ui/example.jsp


/tags/ui/{1}.jsp




> improve wildcard to support regular expressions
> ---
>
> Key: WW-3262
> URL: https://issues.apache.org/jira/browse/WW-3262
> Project: Struts 2
>  Issue Type: Improvement
>Affects Versions: 2.1.8
>Reporter: musachy
> Fix For: 2.5.x
>
>
> The regular expressions will follow the syntax of JAX-RS. They can be like 
> {{\{PARAM_NAME\}}} or {{\{PARAM_NAME:REGEX\}}}. For example:
> {code:xml}
>
>class="org.apache.struts2.showcase.UITagExample">
>   /tags/ui/example.jsp
>   
>   
>   
>   
>class="org.apache.struts2.showcase.UITagExample">
>   /tags/ui/example.jsp
>   
>class="org.apache.struts2.showcase.UITagExample">
>   /tags/ui/{1}.jsp
>   
>   
> {code}





[jira] [Updated] (WW-3262) improve wildcard to support regular expressions

2016-01-10 Thread Lukasz Lenart (JIRA)

 [ 
https://issues.apache.org/jira/browse/WW-3262?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Lukasz Lenart updated WW-3262:
--
Fix Version/s: (was: 3.0)
   2.5.x

> improve wildcard to support regular expressions
> ---
>
> Key: WW-3262
> URL: https://issues.apache.org/jira/browse/WW-3262
> Project: Struts 2
>  Issue Type: Improvement
>Affects Versions: 2.1.8
>Reporter: musachy
> Fix For: 2.5.x
>
>
> The regular expressions will follow the syntax of JAX-RS. They can be like 
> {{\{PARAM_NAME\}}} or {{\{PARAM_NAME:REGEX\}}}. For example:
> {code:xml}
>
>class="org.apache.struts2.showcase.UITagExample">
>   /tags/ui/example.jsp
>   
>   
>   
>   
>class="org.apache.struts2.showcase.UITagExample">
>   /tags/ui/example.jsp
>   
>class="org.apache.struts2.showcase.UITagExample">
>   /tags/ui/{1}.jsp
>   
>   
> {code}





[jira] [Commented] (WW-3731) Rename ArrayUtils to CollectionUtils

2016-01-10 Thread victorsosa (JIRA)

[ 
https://issues.apache.org/jira/browse/WW-3731?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15091061#comment-15091061
 ] 

victorsosa commented on WW-3731:


Where???

> Rename ArrayUtils to CollectionUtils
> 
>
> Key: WW-3731
> URL: https://issues.apache.org/jira/browse/WW-3731
> Project: Struts 2
>  Issue Type: Improvement
>Affects Versions: 2.3.1
>Reporter: Lukasz Lenart
> Fix For: 3.0
>
>






[jira] [Updated] (WW-4440) Add README.adoc to all subprojects

2016-01-10 Thread Lukasz Lenart (JIRA)

 [ 
https://issues.apache.org/jira/browse/WW-4440?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Lukasz Lenart updated WW-4440:
--
Fix Version/s: (was: 2.3.x)
   2.5

> Add README.adoc to all subprojects
> --
>
> Key: WW-4440
> URL: https://issues.apache.org/jira/browse/WW-4440
> Project: Struts 2
>  Issue Type: Improvement
>  Components: Documentation
>Reporter: Lukasz Lenart
>Priority: Trivial
> Fix For: 2.5
>
>
> It'd be good to have a basic README for each subproject as here
> https://github.com/apache/struts/tree/develop/plugins/java8-support





[jira] [Resolved] (WW-4568) Upgrade Tiles 2 to latest available Tiles 2 version

2016-01-10 Thread Lukasz Lenart (JIRA)

 [ 
https://issues.apache.org/jira/browse/WW-4568?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Lukasz Lenart resolved WW-4568.
---
Resolution: Fixed

PR merged, docs update and example added

https://cwiki.apache.org/confluence/display/WW/Tiles+2+Plugin
https://github.com/apache/struts-examples/tree/master/tiles

> Upgrade Tiles 2 to latest available Tiles 2 version
> ---
>
> Key: WW-4568
> URL: https://issues.apache.org/jira/browse/WW-4568
> Project: Struts 2
>  Issue Type: Improvement
>  Components: Plugin - Tiles
>Affects Versions: 2.3.24
>Reporter: Lukasz Lenart
>Assignee: Lukasz Lenart
> Fix For: 2.3.25
>
>



