(struts-site) branch asf-staging updated: Updates stage by Jenkins
This is an automated email from the ASF dual-hosted git repository. git-site-role pushed a commit to branch asf-staging in repository https://gitbox.apache.org/repos/asf/struts-site.git The following commit(s) were added to refs/heads/asf-staging by this push: new 6fd8a86a1 Updates stage by Jenkins 6fd8a86a1 is described below commit 6fd8a86a17681a4f32c026f9c167e9bc7f6106cc Author: jenkins AuthorDate: Thu Apr 25 04:43:28 2024 + Updates stage by Jenkins --- .../ajax-client-side-validation.html | 84 ++--- content/plugins/json/index.html| 12 +-- content/plugins/json/json-ajax-validation.html | 86 +++--- content/plugins/plugins-architecture.html | 2 +- .../ajax-and-javascript-recipes.html | 78 ++-- content/tag-developers/ajax-div-template.html | 12 +-- content/tag-developers/ajax-event-system.html | 4 +- 7 files changed, 139 insertions(+), 139 deletions(-) diff --git a/content/core-developers/ajax-client-side-validation.html b/content/core-developers/ajax-client-side-validation.html index c6a0790ce..2a86ffe19 100644 --- a/content/core-developers/ajax-client-side-validation.html +++ b/content/core-developers/ajax-client-side-validation.html @@ -509,21 +509,21 @@ It takes care of hiding validation errors that might be present, submit the form * * @param event onSubmit event */ -function ajaxFormValidation(event) { -event.preventDefault(); -_removeValidationErrors(); -var _form = $(event.target); -var _formData = _form.serialize(true); +function ajaxFormValidation(event) { +event.preventDefault(); +_removeValidationErrors(); +var _form = $(event.target); +var _formData = _form.serialize(true); // prepare visual feedback // you may want to use other elements here -var originalButton = _form.find('.btn-primary'); +var originalButton = _form.find('.btn-primary'); // note: jQuery returns an array-like object -if (originalButton originalButton.length originalButton.length 0) { -originalButton.hide(); -var feedbackElement = $('div class="ajaxVisualFeedback"/div').insertAfter(originalButton); +if (originalButton originalButton.length originalButton.length 0) { +originalButton.hide(); +var feedbackElement = $('div class="ajaxVisualFeedback"/div').insertAfter(originalButton); var restoreFunction = function() { -originalButton.show(); -feedbackElement.remove(); +originalButton.show(); +feedbackElement.remove(); } } var options = { @@ -531,48 +531,48 @@ It takes care of hiding validation errors that might be present, submit the form async: true, processData: false, type: 'POST', -success: function (response, statusText, xhr) { -if (response.location) { +success: function (response, statusText, xhr) { +if (response.location) { // no validation errors // action has been executed and sent a redirect URL wrapped as JSON // cannot use a normal http-redirect (status-code 3xx) as this would be followed by browsers and would not be available here // follow JSON-redirect window.location.href = response.location; } else { -if (restoreFunction) { -restoreFunction(); +if (restoreFunction) { +restoreFunction(); } -_handleValidationResult(_form, response); +_handleValidationResult(_form, response); } }, error: function(xhr, textStatus, errorThrown) { -if (restoreFunction) { -restoreFunction(); +if (restoreFunction) { +restoreFunction(); } // struts sends status code 400 when validation errors are present -if (xhr.status === 400) { -_handleValidationResult(_form, JSON.parse(xhr.responseText)) +if (xhr.status === 400) { +_handleValidationResult(_form, JSON.parse(xhr.responseText)) } else { // a real error occurred - show user an error message -_handleValidationResult(_form, {errors: ['Network or server error!']}) +_handleValidationResult(_form, {errors: ['Network or server error!']}) } } } // send request, after delay to make sure everybody notices the visual feedback :) -window.setTimeout(function() { +window.setTimeout(function() { var url = _form[0].action; -jQuery.ajax(url, options); +jQuery.ajax(url, options); }, 1000); } /** * Removes validation errors from HTML DOM. */ -function
(struts-site) branch asf-staging updated: Updates stage by Jenkins
This is an automated email from the ASF dual-hosted git repository. git-site-role pushed a commit to branch asf-staging in repository https://gitbox.apache.org/repos/asf/struts-site.git The following commit(s) were added to refs/heads/asf-staging by this push: new 41996a166 Updates stage by Jenkins 41996a166 is described below commit 41996a166f99af74ba5cacd5e3168a51865e5bd8 Author: jenkins AuthorDate: Tue Apr 23 05:35:21 2024 + Updates stage by Jenkins --- .../ajax-client-side-validation.html | 84 ++--- content/plugins/json/index.html| 12 +-- content/plugins/json/json-ajax-validation.html | 86 +++--- .../ajax-and-javascript-recipes.html | 78 ++-- content/tag-developers/ajax-div-template.html | 12 +-- content/tag-developers/ajax-event-system.html | 4 +- 6 files changed, 138 insertions(+), 138 deletions(-) diff --git a/content/core-developers/ajax-client-side-validation.html b/content/core-developers/ajax-client-side-validation.html index 2a86ffe19..c6a0790ce 100644 --- a/content/core-developers/ajax-client-side-validation.html +++ b/content/core-developers/ajax-client-side-validation.html @@ -509,21 +509,21 @@ It takes care of hiding validation errors that might be present, submit the form * * @param event onSubmit event */ -function ajaxFormValidation(event) { -event.preventDefault(); -_removeValidationErrors(); -var _form = $(event.target); -var _formData = _form.serialize(true); +function ajaxFormValidation(event) { +event.preventDefault(); +_removeValidationErrors(); +var _form = $(event.target); +var _formData = _form.serialize(true); // prepare visual feedback // you may want to use other elements here -var originalButton = _form.find('.btn-primary'); +var originalButton = _form.find('.btn-primary'); // note: jQuery returns an array-like object -if (originalButton originalButton.length originalButton.length 0) { -originalButton.hide(); -var feedbackElement = $('div class="ajaxVisualFeedback"/div').insertAfter(originalButton); +if (originalButton originalButton.length originalButton.length 0) { +originalButton.hide(); +var feedbackElement = $('div class="ajaxVisualFeedback"/div').insertAfter(originalButton); var restoreFunction = function() { -originalButton.show(); -feedbackElement.remove(); +originalButton.show(); +feedbackElement.remove(); } } var options = { @@ -531,48 +531,48 @@ It takes care of hiding validation errors that might be present, submit the form async: true, processData: false, type: 'POST', -success: function (response, statusText, xhr) { -if (response.location) { +success: function (response, statusText, xhr) { +if (response.location) { // no validation errors // action has been executed and sent a redirect URL wrapped as JSON // cannot use a normal http-redirect (status-code 3xx) as this would be followed by browsers and would not be available here // follow JSON-redirect window.location.href = response.location; } else { -if (restoreFunction) { -restoreFunction(); +if (restoreFunction) { +restoreFunction(); } -_handleValidationResult(_form, response); +_handleValidationResult(_form, response); } }, error: function(xhr, textStatus, errorThrown) { -if (restoreFunction) { -restoreFunction(); +if (restoreFunction) { +restoreFunction(); } // struts sends status code 400 when validation errors are present -if (xhr.status === 400) { -_handleValidationResult(_form, JSON.parse(xhr.responseText)) +if (xhr.status === 400) { +_handleValidationResult(_form, JSON.parse(xhr.responseText)) } else { // a real error occurred - show user an error message -_handleValidationResult(_form, {errors: ['Network or server error!']}) +_handleValidationResult(_form, {errors: ['Network or server error!']}) } } } // send request, after delay to make sure everybody notices the visual feedback :) -window.setTimeout(function() { +window.setTimeout(function() { var url = _form[0].action; -jQuery.ajax(url, options); +jQuery.ajax(url, options); }, 1000); } /** * Removes validation errors from HTML DOM. */ -function _removeValidationErrors() { +function _removeValidationErrors() { // action
(struts-site) branch asf-staging updated: Updates stage by Jenkins
This is an automated email from the ASF dual-hosted git repository. git-site-role pushed a commit to branch asf-staging in repository https://gitbox.apache.org/repos/asf/struts-site.git The following commit(s) were added to refs/heads/asf-staging by this push: new b229f5006 Updates stage by Jenkins b229f5006 is described below commit b229f50061423bc2b46118e6166e75f3a226e292 Author: jenkins AuthorDate: Mon Apr 22 21:35:14 2024 + Updates stage by Jenkins --- content/security/index.html | 14 ++ 1 file changed, 10 insertions(+), 4 deletions(-) diff --git a/content/security/index.html b/content/security/index.html index ac8f34ddb..f271dfb73 100644 --- a/content/security/index.html +++ b/content/security/index.html @@ -608,10 +608,16 @@ with other known dangerous classes or packages in your application. We additionally recommend enabling the following options (enabled by default in 7.0). - struts.ognl.allowStaticFieldAccess=false - static methods are always blocked, but static fields can also optionally be blocked - struts.disallowProxyMemberAccess=true - disallow proxied objects from being used in OGNL expressions as they may present a security risk - struts.disallowDefaultPackageAccess=true - disallow access to classes in the default package which should not be used in production - struts.ognl.disallowCustomOgnlMap=true - disallow construction of custom OGNL maps which can be used to bypass the SecurityMemberAccess policy + struts.ognl.allowStaticFieldAccess=false - static field values which aren’t a primitive type can be used to access +classes that wouldn’t otherwise be accessible + struts.disallowProxyObjectAccess=true - disallow proxied objects from being used in OGNL expressions as these often +represent application beans or database entities which are sensitive + struts.disallowDefaultPackageAccess=true - disallow access to classes in the default package which should not be +used in production + struts.ognl.disallowCustomOgnlMap=true - disallow construction of custom OGNL maps which can be used to bypass the +SecurityMemberAccess policy + struts.actionConfig.fallbackToEmptyNamespace=false - prevent Actions in the empty namespace from being accessed from +alternative endpoints Allowlist Capability
(struts-site) branch asf-staging updated: Updates stage by Jenkins
This is an automated email from the ASF dual-hosted git repository. git-site-role pushed a commit to branch asf-staging in repository https://gitbox.apache.org/repos/asf/struts-site.git The following commit(s) were added to refs/heads/asf-staging by this push: new 3e2434005 Updates stage by Jenkins 3e2434005 is described below commit 3e24340055e2285f29f54aad4cc0ce2ec20e57cc Author: jenkins AuthorDate: Mon Apr 22 18:03:59 2024 + Updates stage by Jenkins --- .../ajax-client-side-validation.html | 84 ++--- content/plugins/json/index.html| 12 +-- content/plugins/json/json-ajax-validation.html | 86 +++--- .../ajax-and-javascript-recipes.html | 78 ++-- content/tag-developers/ajax-div-template.html | 12 +-- content/tag-developers/ajax-event-system.html | 4 +- 6 files changed, 138 insertions(+), 138 deletions(-) diff --git a/content/core-developers/ajax-client-side-validation.html b/content/core-developers/ajax-client-side-validation.html index c6a0790ce..2a86ffe19 100644 --- a/content/core-developers/ajax-client-side-validation.html +++ b/content/core-developers/ajax-client-side-validation.html @@ -509,21 +509,21 @@ It takes care of hiding validation errors that might be present, submit the form * * @param event onSubmit event */ -function ajaxFormValidation(event) { -event.preventDefault(); -_removeValidationErrors(); -var _form = $(event.target); -var _formData = _form.serialize(true); +function ajaxFormValidation(event) { +event.preventDefault(); +_removeValidationErrors(); +var _form = $(event.target); +var _formData = _form.serialize(true); // prepare visual feedback // you may want to use other elements here -var originalButton = _form.find('.btn-primary'); +var originalButton = _form.find('.btn-primary'); // note: jQuery returns an array-like object -if (originalButton originalButton.length originalButton.length 0) { -originalButton.hide(); -var feedbackElement = $('div class="ajaxVisualFeedback"/div').insertAfter(originalButton); +if (originalButton originalButton.length originalButton.length 0) { +originalButton.hide(); +var feedbackElement = $('div class="ajaxVisualFeedback"/div').insertAfter(originalButton); var restoreFunction = function() { -originalButton.show(); -feedbackElement.remove(); +originalButton.show(); +feedbackElement.remove(); } } var options = { @@ -531,48 +531,48 @@ It takes care of hiding validation errors that might be present, submit the form async: true, processData: false, type: 'POST', -success: function (response, statusText, xhr) { -if (response.location) { +success: function (response, statusText, xhr) { +if (response.location) { // no validation errors // action has been executed and sent a redirect URL wrapped as JSON // cannot use a normal http-redirect (status-code 3xx) as this would be followed by browsers and would not be available here // follow JSON-redirect window.location.href = response.location; } else { -if (restoreFunction) { -restoreFunction(); +if (restoreFunction) { +restoreFunction(); } -_handleValidationResult(_form, response); +_handleValidationResult(_form, response); } }, error: function(xhr, textStatus, errorThrown) { -if (restoreFunction) { -restoreFunction(); +if (restoreFunction) { +restoreFunction(); } // struts sends status code 400 when validation errors are present -if (xhr.status === 400) { -_handleValidationResult(_form, JSON.parse(xhr.responseText)) +if (xhr.status === 400) { +_handleValidationResult(_form, JSON.parse(xhr.responseText)) } else { // a real error occurred - show user an error message -_handleValidationResult(_form, {errors: ['Network or server error!']}) +_handleValidationResult(_form, {errors: ['Network or server error!']}) } } } // send request, after delay to make sure everybody notices the visual feedback :) -window.setTimeout(function() { +window.setTimeout(function() { var url = _form[0].action; -jQuery.ajax(url, options); +jQuery.ajax(url, options); }, 1000); } /** * Removes validation errors from HTML DOM. */ -function _removeValidationErrors() { +function _removeValidationErrors() { // action
(struts-site) branch asf-staging updated: Updates stage by Jenkins
This is an automated email from the ASF dual-hosted git repository. git-site-role pushed a commit to branch asf-staging in repository https://gitbox.apache.org/repos/asf/struts-site.git The following commit(s) were added to refs/heads/asf-staging by this push: new 7e9ac9852 Updates stage by Jenkins 7e9ac9852 is described below commit 7e9ac98524b15eebfd682c31cf66857939afebbe Author: jenkins AuthorDate: Sat Apr 20 21:38:25 2024 + Updates stage by Jenkins --- content/plugins/json/json-ajax-validation.html | 193 - .../plugins/portlet/struts-2-portlet-tutorial.html | 193 - content/plugins/spring/index.html | 2 - content/security/index.html| 14 +- 4 files changed, 394 insertions(+), 8 deletions(-) diff --git a/content/plugins/json/json-ajax-validation.html b/content/plugins/json/json-ajax-validation.html index 8f463ddf3..6c7306ce0 100644 --- a/content/plugins/json/json-ajax-validation.html +++ b/content/plugins/json/json-ajax-validation.html @@ -1,4 +1,156 @@ -JSON Ajax Validation + + + + + + + + + + JSON Ajax validation + + + + + + + + + + + + + +var _paq = window._paq = window._paq || []; +/* tracker methods like "setCustomDimension" should be called before "trackPageView" */ +/* We explicitly disable cookie tracking to avoid privacy issues */ +_paq.push(['disableCookies']); +_paq.push(['trackPageView']); +_paq.push(['enableLinkTracking']); +(function() { + var u="//analytics.apache.org/"; + _paq.push(['setTrackerUrl', u+'matomo.php']); + _paq.push(['setSiteId', '41']); + var d=document, g=d.createElement('script'), s=d.getElementsByTagName('script')[0]; + g.async=true; g.src=u+'matomo.js'; s.parentNode.insertBefore(g,s); +})(); + + + + + +https://github.com/apache/struts; class="github-ribbon"> + https://github.blog/wp-content/uploads/2008/12/forkme_right_red_aa.png?resize=149%2C149; class="attachment-full size-full" alt="Fork me on GitHub" data-recalc-dims="1"> + + + + + + + + +Menu +Toggle navigation + + + + + + + + + + +Home + + +Welcome +Download +Releases +Announcements +http://www.apache.org/licenses/;>License +https://www.apache.org/foundation/thanks.html;>Thanks! +https://www.apache.org/foundation/sponsorship.html;>Sponsorship +https://privacy.apache.org/policies/privacy-policy-public.html;>Privacy Policy + + + + +Support + + +User Mailing List +https://issues.apache.org/jira/browse/WW;>Issue Tracker +Reporting Security Issues +Commercial Support + +https://cwiki.apache.org/confluence/display/WW/Migration+Guide;>Version Notes +https://cwiki.apache.org/confluence/display/WW/Security+Bulletins;>Security Bulletins + +Maven Project Info +Struts Core Dependencies +Plugin Dependencies + + + + +Documentation + + +Birds Eye +Key Technologies +Kickstart FAQ +https://cwiki.apache.org/confluence/display/WW/Home;>Wiki + +Getting Started +Security Guide +Core Developers Guide +Tag Developers Guide +Maven Archetypes +Plugins +Struts Core API +Tag reference +https://cwiki.apache.org/confluence/display/WW/FAQs;>FAQs +http://cwiki.apache.org/S2PLUGINS/home.html;>Plugin registry + + + + +Contributing + + +You at Struts +How to Help FAQ +Development Lists + +Submitting patches +Source Code and Builds +Coding standards +Contributors Guide + +Release Guidelines +PMC Charter +Volunteers +https://gitbox.apache.org/repos/asf?p=struts.git;>Source Repository +Updating the website + + +http://www.apache.org/;> + + + + + + + + + + +
(struts-site) branch asf-staging updated: Updates stage by Jenkins
This is an automated email from the ASF dual-hosted git repository. git-site-role pushed a commit to branch asf-staging in repository https://gitbox.apache.org/repos/asf/struts-site.git The following commit(s) were added to refs/heads/asf-staging by this push: new e9dde54a4 Updates stage by Jenkins e9dde54a4 is described below commit e9dde54a482ebf440dfbc3e954766fc3c69457f6 Author: jenkins AuthorDate: Sat Apr 20 13:54:22 2024 + Updates stage by Jenkins --- content/plugins/async/index.html | 2 +- content/plugins/bean-validation/index.html | 2 +- content/plugins/cdi/index.html | 2 +- content/plugins/codebehind/index.html | 2 +- content/plugins/config-browser/index.html | 2 +- content/plugins/convention/converting.html | 4 +--- content/plugins/convention/index.html | 2 +- content/plugins/dwr/index.html | 2 +- content/plugins/embedded-jsp/index.html| 2 +- content/plugins/jasperreports/index.html | 2 +- content/plugins/java-8-support/index.html | 2 +- content/plugins/javatemplates/index.html | 2 +- content/plugins/jfreechart/index.html | 2 +- content/plugins/jsf/index.html | 2 +- content/plugins/json/index.html| 2 +- content/plugins/junit/index.html | 2 +- content/plugins/osgi/index.html| 2 +- content/plugins/oval/index.html| 2 +- content/plugins/plexus/index.html | 2 +- content/plugins/portlet-tiles/index.html | 2 +- content/plugins/portlet/index.html | 2 +- content/plugins/rest/index.html| 2 +- content/plugins/sitegraph/index.html | 2 +- content/plugins/sitemesh/index.html| 2 +- content/plugins/spring/index.html | 2 +- content/plugins/struts-1/index.html| 2 +- content/plugins/testng/index.html | 2 +- content/plugins/tiles-3/index.html | 2 +- content/plugins/tiles/index.html | 2 +- content/plugins/velocity/index.html| 2 +- 30 files changed, 30 insertions(+), 32 deletions(-) diff --git a/content/plugins/async/index.html b/content/plugins/async/index.html index a7b017938..a46dc1733 100644 --- a/content/plugins/async/index.html +++ b/content/plugins/async/index.html @@ -148,7 +148,7 @@ https://github.com/apache/struts-site/edit/master/source/plugins/async/index.md; title="Edit this page on GitHub">Edit on GitHub -<< back to Plugins +<< back to Plugins Async Plugin diff --git a/content/plugins/bean-validation/index.html b/content/plugins/bean-validation/index.html index 14a18ba30..005fc7ae0 100644 --- a/content/plugins/bean-validation/index.html +++ b/content/plugins/bean-validation/index.html @@ -148,7 +148,7 @@ https://github.com/apache/struts-site/edit/master/source/plugins/bean-validation/index.md; title="Edit this page on GitHub">Edit on GitHub -<< back to Plugins +<< back to Plugins Bean Validation Plugin diff --git a/content/plugins/cdi/index.html b/content/plugins/cdi/index.html index 1aa2d6eb2..285a0fd60 100644 --- a/content/plugins/cdi/index.html +++ b/content/plugins/cdi/index.html @@ -148,7 +148,7 @@ https://github.com/apache/struts-site/edit/master/source/plugins/cdi/index.md; title="Edit this page on GitHub">Edit on GitHub -<< back to Plugins +<< back to Plugins CDI Plugin diff --git a/content/plugins/codebehind/index.html b/content/plugins/codebehind/index.html index 7a214a97e..2a6b440b1 100644 --- a/content/plugins/codebehind/index.html +++ b/content/plugins/codebehind/index.html @@ -148,7 +148,7 @@ https://github.com/apache/struts-site/edit/master/source/plugins/codebehind/index.md; title="Edit this page on GitHub">Edit on GitHub -<< back to Plugins +<< back to Plugins Codebehind Plugin diff --git a/content/plugins/config-browser/index.html b/content/plugins/config-browser/index.html index 6e0a79591..6a6447bd0 100644 --- a/content/plugins/config-browser/index.html +++ b/content/plugins/config-browser/index.html @@ -148,7 +148,7 @@ https://github.com/apache/struts-site/edit/master/source/plugins/config-browser/index.md; title="Edit this page on GitHub">Edit on GitHub -<< back to Plugins +<< back to Plugins Config Browser Plugin diff --git a/content/plugins/convention/converting.html b/content/plugins/convention/converting.html index f6bc6892e..05106b01d 100644 --- a/content/plugins/convention/converting.html +++ b/content/plugins/convention/converting.html @@ -150,9 +150,7 @@ << back to Convention plugin -« back to Convention Plugin - -Converting application from Codebehind to Convention Plugin +Converting application from Codebehind to Convention Plugin Changes required diff --git a/content/plugins/convention/index.html b/content/plugins/convention/index.html index 758e6f685..0fa087f96 100644 ---
(struts-site) branch asf-staging updated: Updates stage by Jenkins
This is an automated email from the ASF dual-hosted git repository. git-site-role pushed a commit to branch asf-staging in repository https://gitbox.apache.org/repos/asf/struts-site.git The following commit(s) were added to refs/heads/asf-staging by this push: new 700476e8c Updates stage by Jenkins 700476e8c is described below commit 700476e8c9017095cecacc3dd85de4baa321c60d Author: jenkins AuthorDate: Sat Apr 20 14:00:26 2024 + Updates stage by Jenkins --- content/plugins/json/json-ajax-validation.html | 193 + .../plugins/portlet/struts-2-portlet-tutorial.html | 193 + content/plugins/spring/index.html | 2 + 3 files changed, 4 insertions(+), 384 deletions(-) diff --git a/content/plugins/json/json-ajax-validation.html b/content/plugins/json/json-ajax-validation.html index 6c7306ce0..8f463ddf3 100644 --- a/content/plugins/json/json-ajax-validation.html +++ b/content/plugins/json/json-ajax-validation.html @@ -1,156 +1,4 @@ - - - - - - - - - - JSON Ajax validation - - - - - - - - - - - - - -var _paq = window._paq = window._paq || []; -/* tracker methods like "setCustomDimension" should be called before "trackPageView" */ -/* We explicitly disable cookie tracking to avoid privacy issues */ -_paq.push(['disableCookies']); -_paq.push(['trackPageView']); -_paq.push(['enableLinkTracking']); -(function() { - var u="//analytics.apache.org/"; - _paq.push(['setTrackerUrl', u+'matomo.php']); - _paq.push(['setSiteId', '41']); - var d=document, g=d.createElement('script'), s=d.getElementsByTagName('script')[0]; - g.async=true; g.src=u+'matomo.js'; s.parentNode.insertBefore(g,s); -})(); - - - - - -https://github.com/apache/struts; class="github-ribbon"> - https://github.blog/wp-content/uploads/2008/12/forkme_right_red_aa.png?resize=149%2C149; class="attachment-full size-full" alt="Fork me on GitHub" data-recalc-dims="1"> - - - - - - - - -Menu -Toggle navigation - - - - - - - - - - -Home - - -Welcome -Download -Releases -Announcements -http://www.apache.org/licenses/;>License -https://www.apache.org/foundation/thanks.html;>Thanks! -https://www.apache.org/foundation/sponsorship.html;>Sponsorship -https://privacy.apache.org/policies/privacy-policy-public.html;>Privacy Policy - - - - -Support - - -User Mailing List -https://issues.apache.org/jira/browse/WW;>Issue Tracker -Reporting Security Issues -Commercial Support - -https://cwiki.apache.org/confluence/display/WW/Migration+Guide;>Version Notes -https://cwiki.apache.org/confluence/display/WW/Security+Bulletins;>Security Bulletins - -Maven Project Info -Struts Core Dependencies -Plugin Dependencies - - - - -Documentation - - -Birds Eye -Key Technologies -Kickstart FAQ -https://cwiki.apache.org/confluence/display/WW/Home;>Wiki - -Getting Started -Security Guide -Core Developers Guide -Tag Developers Guide -Maven Archetypes -Plugins -Struts Core API -Tag reference -https://cwiki.apache.org/confluence/display/WW/FAQs;>FAQs -http://cwiki.apache.org/S2PLUGINS/home.html;>Plugin registry - - - - -Contributing - - -You at Struts -How to Help FAQ -Development Lists - -Submitting patches -Source Code and Builds -Coding standards -Contributors Guide - -Release Guidelines -PMC Charter -Volunteers -https://gitbox.apache.org/repos/asf?p=struts.git;>Source Repository -Updating the website - - -http://www.apache.org/;> - - - - - - - - - - -https://github.com/apache/struts-site/edit/master/source/plugins/json/json-ajax-validation.md; title="Edit this page on GitHub">Edit on GitHub -
(struts-site) branch asf-staging updated: Updates stage by Jenkins
This is an automated email from the ASF dual-hosted git repository. git-site-role pushed a commit to branch asf-staging in repository https://gitbox.apache.org/repos/asf/struts-site.git The following commit(s) were added to refs/heads/asf-staging by this push: new 64b387636 Updates stage by Jenkins 64b387636 is described below commit 64b387636d2ec12f44683adff5b49e6ba1fdd233 Author: jenkins AuthorDate: Sat Apr 20 13:58:40 2024 + Updates stage by Jenkins --- .../ajax-client-side-validation.html | 84 +++ content/plugins/index.html | 2 +- content/plugins/json/index.html| 12 +- content/plugins/json/json-ajax-validation.html | 279 + .../plugins/portlet/struts-2-portlet-tutorial.html | 193 +- content/plugins/spring/index.html | 2 - .../ajax-and-javascript-recipes.html | 78 +++--- content/tag-developers/ajax-div-template.html | 12 +- content/tag-developers/ajax-event-system.html | 4 +- 9 files changed, 523 insertions(+), 143 deletions(-) diff --git a/content/core-developers/ajax-client-side-validation.html b/content/core-developers/ajax-client-side-validation.html index 9570c2e5f..396dfbea1 100644 --- a/content/core-developers/ajax-client-side-validation.html +++ b/content/core-developers/ajax-client-side-validation.html @@ -509,21 +509,21 @@ It takes care of hiding validation errors that might be present, submit the form * * @param event onSubmit event */ -function ajaxFormValidation(event) { -event.preventDefault(); -_removeValidationErrors(); -var _form = $(event.target); -var _formData = _form.serialize(true); +function ajaxFormValidation(event) { +event.preventDefault(); +_removeValidationErrors(); +var _form = $(event.target); +var _formData = _form.serialize(true); // prepare visual feedback // you may want to use other elements here -var originalButton = _form.find('.btn-primary'); +var originalButton = _form.find('.btn-primary'); // note: jQuery returns an array-like object -if (originalButton originalButton.length originalButton.length 0) { -originalButton.hide(); -var feedbackElement = $('div class="ajaxVisualFeedback"/div').insertAfter(originalButton); +if (originalButton originalButton.length originalButton.length 0) { +originalButton.hide(); +var feedbackElement = $('div class="ajaxVisualFeedback"/div').insertAfter(originalButton); var restoreFunction = function() { -originalButton.show(); -feedbackElement.remove(); +originalButton.show(); +feedbackElement.remove(); } } var options = { @@ -531,48 +531,48 @@ It takes care of hiding validation errors that might be present, submit the form async: true, processData: false, type: 'POST', -success: function (response, statusText, xhr) { -if (response.location) { +success: function (response, statusText, xhr) { +if (response.location) { // no validation errors // action has been executed and sent a redirect URL wrapped as JSON // cannot use a normal http-redirect (status-code 3xx) as this would be followed by browsers and would not be available here // follow JSON-redirect window.location.href = response.location; } else { -if (restoreFunction) { -restoreFunction(); +if (restoreFunction) { +restoreFunction(); } -_handleValidationResult(_form, response); +_handleValidationResult(_form, response); } }, error: function(xhr, textStatus, errorThrown) { -if (restoreFunction) { -restoreFunction(); +if (restoreFunction) { +restoreFunction(); } // struts sends status code 400 when validation errors are present -if (xhr.status === 400) { -_handleValidationResult(_form, JSON.parse(xhr.responseText)) +if (xhr.status === 400) { +_handleValidationResult(_form, JSON.parse(xhr.responseText)) } else { // a real error occurred - show user an error message -_handleValidationResult(_form, {errors: ['Network or server error!']}) +_handleValidationResult(_form, {errors: ['Network or server error!']}) } } } // send request, after delay to make sure everybody notices the visual feedback :) -window.setTimeout(function() { +window.setTimeout(function() { var url = _form[0].action; -jQuery.ajax(url, options); +jQuery.ajax(url,
(struts-site) branch asf-staging updated: Updates stage by Jenkins
This is an automated email from the ASF dual-hosted git repository. git-site-role pushed a commit to branch asf-staging in repository https://gitbox.apache.org/repos/asf/struts-site.git The following commit(s) were added to refs/heads/asf-staging by this push: new ebaafed52 Updates stage by Jenkins ebaafed52 is described below commit ebaafed52bcb975a56b42db1cf9d2d5ff64dc656 Author: jenkins AuthorDate: Sat Apr 20 13:43:43 2024 + Updates stage by Jenkins --- content/core-developers/web-xml.html | 2 +- content/plugins/async/index.html | 4 +- content/plugins/bean-validation/index.html | 4 +- content/plugins/cdi/index.html | 4 +- content/plugins/codebehind/index.html | 4 +- content/plugins/config-browser/index.html | 4 +- content/plugins/convention/converting.html | 2 + content/plugins/convention/index.html | 4 +- content/plugins/dwr/index.html | 4 +- content/plugins/embedded-jsp/index.html| 4 +- content/plugins/jasperreports/index.html | 4 +- content/plugins/java-8-support/index.html | 4 +- content/plugins/javatemplates/index.html | 4 +- content/plugins/jfreechart/index.html | 4 +- content/plugins/jsf/index.html | 4 +- content/plugins/json/index.html| 4 +- content/plugins/json/json-ajax-validation.html | 193 + content/plugins/junit/index.html | 4 +- content/plugins/osgi/index.html| 4 +- content/plugins/oval/index.html| 4 +- content/plugins/plexus/index.html | 4 +- content/plugins/portlet-tiles/index.html | 4 +- content/plugins/portlet/index.html | 4 +- .../plugins/portlet/struts-2-portlet-tutorial.html | 193 + content/plugins/rest/index.html| 4 +- content/plugins/sitegraph/index.html | 4 +- content/plugins/sitemesh/index.html| 56 +++--- content/plugins/spring/index.html | 4 +- .../spring-session-components-workarounds.html | 193 + content/plugins/struts-1/index.html| 4 +- content/plugins/testng/index.html | 4 +- content/plugins/tiles-3/index.html | 4 +- content/plugins/tiles/index.html | 4 +- content/plugins/velocity/index.html| 2 +- 34 files changed, 88 insertions(+), 661 deletions(-) diff --git a/content/core-developers/web-xml.html b/content/core-developers/web-xml.html index b1dee9200..78a466e7c 100644 --- a/content/core-developers/web-xml.html +++ b/content/core-developers/web-xml.html @@ -192,7 +192,7 @@ should behave. /web-app -See SiteMesh Plugin for an example on when to use separate Filters for prepare and execution phase. +See SiteMesh Plugin for an example on when to use separate Filters for prepare and execution phase. Custom mapping diff --git a/content/plugins/async/index.html b/content/plugins/async/index.html index ed24ec747..967d88874 100644 --- a/content/plugins/async/index.html +++ b/content/plugins/async/index.html @@ -13,7 +13,7 @@ - + @@ -148,7 +148,7 @@ https://github.com/apache/struts-site/edit/master/source/plugins/async/index.md; title="Edit this page on GitHub">Edit on GitHub -<< back to Plugins +<< back to Plugins Async Plugin diff --git a/content/plugins/bean-validation/index.html b/content/plugins/bean-validation/index.html index 220bd6b7b..7af22d667 100644 --- a/content/plugins/bean-validation/index.html +++ b/content/plugins/bean-validation/index.html @@ -13,7 +13,7 @@ - + @@ -148,7 +148,7 @@ https://github.com/apache/struts-site/edit/master/source/plugins/bean-validation/index.md; title="Edit this page on GitHub">Edit on GitHub -<< back to Plugins +<< back to Plugins Bean Validation Plugin diff --git a/content/plugins/cdi/index.html b/content/plugins/cdi/index.html index d2afcacb6..d743d1673 100644 --- a/content/plugins/cdi/index.html +++ b/content/plugins/cdi/index.html @@ -13,7 +13,7 @@ - + @@ -148,7 +148,7 @@ https://github.com/apache/struts-site/edit/master/source/plugins/cdi/index.md; title="Edit this page on GitHub">Edit on GitHub -<< back to Plugins +<< back to Plugins CDI Plugin diff --git a/content/plugins/codebehind/index.html b/content/plugins/codebehind/index.html index aff2be0e7..1c6456f28 100644 --- a/content/plugins/codebehind/index.html +++ b/content/plugins/codebehind/index.html @@ -13,7 +13,7 @@ - + @@ -148,7 +148,7 @@
(struts-site) branch asf-staging updated: Updates stage by Jenkins
This is an automated email from the ASF dual-hosted git repository. git-site-role pushed a commit to branch asf-staging in repository https://gitbox.apache.org/repos/asf/struts-site.git The following commit(s) were added to refs/heads/asf-staging by this push: new 6b2168b97 Updates stage by Jenkins 6b2168b97 is described below commit 6b2168b9794a82ac988000386173c4fa2863c909 Author: jenkins AuthorDate: Sat Apr 20 13:52:33 2024 + Updates stage by Jenkins
(struts-site) branch asf-staging updated: Updates stage by Jenkins
This is an automated email from the ASF dual-hosted git repository. git-site-role pushed a commit to branch asf-staging in repository https://gitbox.apache.org/repos/asf/struts-site.git The following commit(s) were added to refs/heads/asf-staging by this push: new 21eb939f1 Updates stage by Jenkins 21eb939f1 is described below commit 21eb939f1c31614aa6e192cbe2c7c2f4877e51ff Author: jenkins AuthorDate: Sat Apr 20 13:51:58 2024 + Updates stage by Jenkins --- content/plugins/async/index.html | 2 +- content/plugins/bean-validation/index.html | 2 +- content/plugins/cdi/index.html | 2 +- content/plugins/codebehind/index.html | 2 +- content/plugins/config-browser/index.html | 2 +- content/plugins/convention/converting.html | 2 +- content/plugins/convention/index.html | 2 +- content/plugins/dwr/index.html | 2 +- content/plugins/embedded-jsp/index.html| 2 +- content/plugins/jasperreports/index.html | 2 +- content/plugins/java-8-support/index.html | 2 +- content/plugins/javatemplates/index.html | 2 +- content/plugins/jfreechart/index.html | 2 +- content/plugins/jsf/index.html | 2 +- content/plugins/json/index.html| 2 +- content/plugins/junit/index.html | 2 +- content/plugins/osgi/index.html| 2 +- content/plugins/oval/index.html| 2 +- content/plugins/plexus/index.html | 2 +- content/plugins/portlet-tiles/index.html | 2 +- content/plugins/portlet/index.html | 2 +- content/plugins/rest/index.html| 2 +- content/plugins/sitegraph/index.html | 2 +- content/plugins/sitemesh/index.html| 6 +- content/plugins/spring/index.html | 2 +- content/plugins/struts-1/index.html| 2 +- content/plugins/testng/index.html | 2 +- content/plugins/tiles-3/index.html | 2 +- content/plugins/tiles/index.html | 2 +- content/plugins/velocity/index.html| 2 +- 30 files changed, 30 insertions(+), 34 deletions(-) diff --git a/content/plugins/async/index.html b/content/plugins/async/index.html index 967d88874..a7b017938 100644 --- a/content/plugins/async/index.html +++ b/content/plugins/async/index.html @@ -148,7 +148,7 @@ https://github.com/apache/struts-site/edit/master/source/plugins/async/index.md; title="Edit this page on GitHub">Edit on GitHub -<< back to Plugins +<< back to Plugins Async Plugin diff --git a/content/plugins/bean-validation/index.html b/content/plugins/bean-validation/index.html index 7af22d667..14a18ba30 100644 --- a/content/plugins/bean-validation/index.html +++ b/content/plugins/bean-validation/index.html @@ -148,7 +148,7 @@ https://github.com/apache/struts-site/edit/master/source/plugins/bean-validation/index.md; title="Edit this page on GitHub">Edit on GitHub -<< back to Plugins +<< back to Plugins Bean Validation Plugin diff --git a/content/plugins/cdi/index.html b/content/plugins/cdi/index.html index d743d1673..1aa2d6eb2 100644 --- a/content/plugins/cdi/index.html +++ b/content/plugins/cdi/index.html @@ -148,7 +148,7 @@ https://github.com/apache/struts-site/edit/master/source/plugins/cdi/index.md; title="Edit this page on GitHub">Edit on GitHub -<< back to Plugins +<< back to Plugins CDI Plugin diff --git a/content/plugins/codebehind/index.html b/content/plugins/codebehind/index.html index 1c6456f28..7a214a97e 100644 --- a/content/plugins/codebehind/index.html +++ b/content/plugins/codebehind/index.html @@ -148,7 +148,7 @@ https://github.com/apache/struts-site/edit/master/source/plugins/codebehind/index.md; title="Edit this page on GitHub">Edit on GitHub -<< back to Plugins +<< back to Plugins Codebehind Plugin diff --git a/content/plugins/config-browser/index.html b/content/plugins/config-browser/index.html index dfffe58b3..6e0a79591 100644 --- a/content/plugins/config-browser/index.html +++ b/content/plugins/config-browser/index.html @@ -148,7 +148,7 @@ https://github.com/apache/struts-site/edit/master/source/plugins/config-browser/index.md; title="Edit this page on GitHub">Edit on GitHub -<< back to Plugins +<< back to Plugins Config Browser Plugin diff --git a/content/plugins/convention/converting.html b/content/plugins/convention/converting.html index 75a110dc0..f6bc6892e 100644 --- a/content/plugins/convention/converting.html +++ b/content/plugins/convention/converting.html @@ -148,7 +148,7 @@ https://github.com/apache/struts-site/edit/master/source/plugins/convention/converting.md; title="Edit this page on GitHub">Edit on GitHub -<< back to Convention plugin +<< back to Convention plugin « back to Convention Plugin diff --git a/content/plugins/convention/index.html b/content/plugins/convention/index.html index
(struts-site) branch asf-staging updated: Updates stage by Jenkins
This is an automated email from the ASF dual-hosted git repository. git-site-role pushed a commit to branch asf-staging in repository https://gitbox.apache.org/repos/asf/struts-site.git The following commit(s) were added to refs/heads/asf-staging by this push: new 94709e7b1 Updates stage by Jenkins 94709e7b1 is described below commit 94709e7b136499a29d1a737c2a6059fd0dd9abec Author: jenkins AuthorDate: Sat Apr 20 13:51:22 2024 + Updates stage by Jenkins --- .../ajax-client-side-validation.html | 84 ++--- content/core-developers/web-xml.html | 11 ++- content/plugins/json/index.html| 12 +-- content/plugins/json/json-ajax-validation.html | 86 +++--- .../ajax-and-javascript-recipes.html | 78 ++-- content/tag-developers/ajax-div-template.html | 12 +-- content/tag-developers/ajax-event-system.html | 4 +- 7 files changed, 145 insertions(+), 142 deletions(-) diff --git a/content/core-developers/ajax-client-side-validation.html b/content/core-developers/ajax-client-side-validation.html index 396dfbea1..9570c2e5f 100644 --- a/content/core-developers/ajax-client-side-validation.html +++ b/content/core-developers/ajax-client-side-validation.html @@ -509,21 +509,21 @@ It takes care of hiding validation errors that might be present, submit the form * * @param event onSubmit event */ -function ajaxFormValidation(event) { -event.preventDefault(); -_removeValidationErrors(); -var _form = $(event.target); -var _formData = _form.serialize(true); +function ajaxFormValidation(event) { +event.preventDefault(); +_removeValidationErrors(); +var _form = $(event.target); +var _formData = _form.serialize(true); // prepare visual feedback // you may want to use other elements here -var originalButton = _form.find('.btn-primary'); +var originalButton = _form.find('.btn-primary'); // note: jQuery returns an array-like object -if (originalButton originalButton.length originalButton.length 0) { -originalButton.hide(); -var feedbackElement = $('div class="ajaxVisualFeedback"/div').insertAfter(originalButton); +if (originalButton originalButton.length originalButton.length 0) { +originalButton.hide(); +var feedbackElement = $('div class="ajaxVisualFeedback"/div').insertAfter(originalButton); var restoreFunction = function() { -originalButton.show(); -feedbackElement.remove(); +originalButton.show(); +feedbackElement.remove(); } } var options = { @@ -531,48 +531,48 @@ It takes care of hiding validation errors that might be present, submit the form async: true, processData: false, type: 'POST', -success: function (response, statusText, xhr) { -if (response.location) { +success: function (response, statusText, xhr) { +if (response.location) { // no validation errors // action has been executed and sent a redirect URL wrapped as JSON // cannot use a normal http-redirect (status-code 3xx) as this would be followed by browsers and would not be available here // follow JSON-redirect window.location.href = response.location; } else { -if (restoreFunction) { -restoreFunction(); +if (restoreFunction) { +restoreFunction(); } -_handleValidationResult(_form, response); +_handleValidationResult(_form, response); } }, error: function(xhr, textStatus, errorThrown) { -if (restoreFunction) { -restoreFunction(); +if (restoreFunction) { +restoreFunction(); } // struts sends status code 400 when validation errors are present -if (xhr.status === 400) { -_handleValidationResult(_form, JSON.parse(xhr.responseText)) +if (xhr.status === 400) { +_handleValidationResult(_form, JSON.parse(xhr.responseText)) } else { // a real error occurred - show user an error message -_handleValidationResult(_form, {errors: ['Network or server error!']}) +_handleValidationResult(_form, {errors: ['Network or server error!']}) } } } // send request, after delay to make sure everybody notices the visual feedback :) -window.setTimeout(function() { +window.setTimeout(function() { var url = _form[0].action; -jQuery.ajax(url, options); +jQuery.ajax(url, options); }, 1000); } /** * Removes validation errors from HTML DOM. */ -function
(struts-site) branch asf-staging updated: Updates stage by Jenkins
This is an automated email from the ASF dual-hosted git repository. git-site-role pushed a commit to branch asf-staging in repository https://gitbox.apache.org/repos/asf/struts-site.git The following commit(s) were added to refs/heads/asf-staging by this push: new a2959adc0 Updates stage by Jenkins a2959adc0 is described below commit a2959adc0797a62de5b3734cd9be9600b1480e73 Author: jenkins AuthorDate: Sat Apr 20 08:40:26 2024 + Updates stage by Jenkins
(struts-site) branch asf-staging updated: Updates stage by Jenkins
This is an automated email from the ASF dual-hosted git repository. git-site-role pushed a commit to branch asf-staging in repository https://gitbox.apache.org/repos/asf/struts-site.git The following commit(s) were added to refs/heads/asf-staging by this push: new 088753119 Updates stage by Jenkins 088753119 is described below commit 088753119d9998889f3647ec7badd02036c5bbdd Author: jenkins AuthorDate: Sat Apr 20 08:33:04 2024 + Updates stage by Jenkins --- content/download.html | 18 -- 1 file changed, 12 insertions(+), 6 deletions(-) diff --git a/content/download.html b/content/download.html index 70014e1de..d88262e88 100644 --- a/content/download.html +++ b/content/download.html @@ -220,9 +220,10 @@ Full Distribution: -struts-6.4.0-all.zip (73MB) +struts-6.4.0-all.zip (70MB) [https://downloads.apache.org/struts/6.4.0/struts-6.4.0-all.zip.asc;>PGP] [https://downloads.apache.org/struts/6.4.0/struts-6.4.0-all.zip.sha256;>SHA256] +[https://downloads.apache.org/struts/6.4.0/struts-6.4.0-all.zip.sha512;>SHA512] @@ -230,9 +231,10 @@ Example Applications: -struts-6.4.0-apps.zip (32MB) +struts-6.4.0-apps.zip (35MB) [https://downloads.apache.org/struts/6.4.0/struts-6.4.0-apps.zip.asc;>PGP] [https://downloads.apache.org/struts/6.4.0/struts-6.4.0-apps.zip.sha256;>SHA256] +[https://downloads.apache.org/struts/6.4.0/struts-6.4.0-apps.zip.sha512;>SHA512] @@ -240,9 +242,10 @@ Essential Dependencies Only: -struts-6.4.0-min-lib.zip (4MB) +struts-6.4.0-min-lib.zip (5.9MB) [https://downloads.apache.org/struts/6.4.0/struts-6.4.0-min-lib.zip.asc;>PGP] [https://downloads.apache.org/struts/6.4.0/struts-6.4.0-min-lib.zip.sha256;>SHA256] +[https://downloads.apache.org/struts/6.4.0/struts-6.4.0-min-lib.zip.sha512;>SHA512] @@ -250,9 +253,10 @@ All Dependencies: -struts-6.4.0-lib.zip (24MB) +struts-6.4.0-lib.zip (25.5MB) [https://downloads.apache.org/struts/6.4.0/struts-6.4.0-lib.zip.asc;>PGP] [https://downloads.apache.org/struts/6.4.0/struts-6.4.0-lib.zip.sha256;>SHA256] +[https://downloads.apache.org/struts/6.4.0/struts-6.4.0-lib.zip.sha512;>SHA512] @@ -260,9 +264,10 @@ Documentation: -struts-6.4.0-docs.zip (12MB) +struts-6.4.0-docs.zip (2.5MB) [https://downloads.apache.org/struts/6.4.0/struts-6.4.0-docs.zip.asc;>PGP] [https://downloads.apache.org/struts/6.4.0/struts-6.4.0-docs.zip.sha256;>SHA256] +[https://downloads.apache.org/struts/6.4.0/struts-6.4.0-docs.zip.sha512;>SHA512] @@ -270,9 +275,10 @@ Source: -struts-6.4.0-src.zip (6MB) +struts-6.4.0-src.zip (6.8MB) [https://downloads.apache.org/struts/6.4.0/struts-6.4.0-src.zip.asc;>PGP] [https://downloads.apache.org/struts/6.4.0/struts-6.4.0-src.zip.sha256;>SHA256] +[https://downloads.apache.org/struts/6.4.0/struts-6.4.0-src.zip.sha512;>SHA512]
(struts-site) branch asf-staging updated: Updates stage by Jenkins
This is an automated email from the ASF dual-hosted git repository. git-site-role pushed a commit to branch asf-staging in repository https://gitbox.apache.org/repos/asf/struts-site.git The following commit(s) were added to refs/heads/asf-staging by this push: new 42bcdbc09 Updates stage by Jenkins 42bcdbc09 is described below commit 42bcdbc09cca516a6f3e5ec56e539641e663769f Author: jenkins AuthorDate: Sat Apr 20 08:25:29 2024 + Updates stage by Jenkins --- content/releases.html | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/content/releases.html b/content/releases.html index 67f338ebe..44a53adaa 100644 --- a/content/releases.html +++ b/content/releases.html @@ -249,7 +249,7 @@ Struts 6.3.0.2 -7 December September 2023 +7 December 2023
(struts-site) branch asf-staging updated: Updates stage by Jenkins
This is an automated email from the ASF dual-hosted git repository. git-site-role pushed a commit to branch asf-staging in repository https://gitbox.apache.org/repos/asf/struts-site.git The following commit(s) were added to refs/heads/asf-staging by this push: new 88293e5e4 Updates stage by Jenkins 88293e5e4 is described below commit 88293e5e4b8ac30eddc3be1d065dd43f99403780 Author: jenkins AuthorDate: Sat Apr 20 08:22:34 2024 + Updates stage by Jenkins --- .../ajax-event-system.html => announce-2024.html} | 79 +--- .../ajax-client-side-validation.html | 84 ++--- content/download.html | 44 +-- content/index.html | 26 +++ content/plugins/json/index.html| 12 +-- content/plugins/json/json-ajax-validation.html | 86 +++--- content/releases.html | 47 +++- content/security/index.html| 14 +--- .../ajax-and-javascript-recipes.html | 78 ++-- content/tag-developers/ajax-div-template.html | 12 +-- content/tag-developers/ajax-event-system.html | 4 +- 11 files changed, 275 insertions(+), 211 deletions(-) diff --git a/content/tag-developers/ajax-event-system.html b/content/announce-2024.html similarity index 71% copy from content/tag-developers/ajax-event-system.html copy to content/announce-2024.html index ba01d552e..df884004c 100644 --- a/content/tag-developers/ajax-event-system.html +++ b/content/announce-2024.html @@ -7,7 +7,7 @@ - Tag Developers Guide + Announcements 2024 @@ -146,45 +146,70 @@ -https://github.com/apache/struts-site/edit/master/source/tag-developers/ajax-event-system.md; title="Edit this page on GitHub">Edit on GitHub +https://github.com/apache/struts-site/edit/master/source/announce-2024.md; title="Edit this page on GitHub">Edit on GitHub -ajax event system +Announcements 2024 + + + + Skip to: Announcements - 2023 + + +20 April 2024 - Apache Struts version 7.0.0-M6 + +The Apache Struts group is pleased to announce that Apache Struts version 7.0.0-MS is available as a Test Build. + +The Apache Struts is an elegant, extensible framework for creating enterprise-ready Java web applications. +The framework has been designed to streamline the full development cycle, from building, to deploying, +to maintaining applications over time. - NOTE: Ajax template (Dojo plugin) is deprecated and won’t be supported any longer. + Please read the https://cwiki.apache.org/confluence/display/WW/Version+Notes+7.0.0-M6;>Version Notes to find more details about performed +bug fixes and improvements. -As you may have seen with the ajax div template and ajax a template, -the framework and Dojo provide a nice way to subscribe and notify of topics from within the browser. A benefit of using -Dojo as the basis of many of these components is being able to loosely couple UI components. There are two -attributes of importance: listenTopics and notifyTopics. +This is a test build not ready to be used in production environments! + +The 7.x series of the Apache Struts framework has a minimum requirement of the following specification versions: +JakartaEE Servlet API 6.0.0, JakartaEE JSP API 3.0, and Java 17. - - If a component has a notifyTopics attribute, then after the processing has been completed a message with be published -to the topic names supplied as a value (comma delimited). - If a component has a listenTopics attribute, then when a message is published to the topic names supplied as a value -(comma delimited), the component will perform custom tag-specific logic ( i.e a DIV tag will re-fresh its content). - +Should any issues arise with your use of any version of the Struts framework, please post your comments to the user list, +and, if appropriate, file https://issues.apache.org/jira/projects/WW/;>a tracking ticket. -As well as this, you can publish and subscribe to topic names with javascript code. To publish to the topic_name topic: +19 April 2024 - Apache Struts version 6.4.0 General Availability + +The Apache Struts group is pleased to announce that Apache Struts version 6.4.0 is available as a “General Availability” +release. The GA designation is our highest quality grade. + +The Apache Struts is an elegant, extensible framework for creating enterprise-ready Java web applications. +The framework has been designed to streamline the full development cycle, from building, to deploying, +to maintaining applications over time. + +This version contains a lot of proactive security improvements, which should make your application hard to compromise. + + + Please read the https://cwiki.apache.org/confluence/display/WW/Version+Notes+6.4.0;>Version Notes to find more details about performed +bug fixes and improvements. +
(struts-site) branch asf-staging updated: Updates stage by Jenkins
This is an automated email from the ASF dual-hosted git repository. git-site-role pushed a commit to branch asf-staging in repository https://gitbox.apache.org/repos/asf/struts-site.git The following commit(s) were added to refs/heads/asf-staging by this push: new 9eedafb01 Updates stage by Jenkins 9eedafb01 is described below commit 9eedafb0128608903e1cfbe0928bfe8c43fc2b3b Author: jenkins AuthorDate: Fri Apr 12 10:39:51 2024 + Updates stage by Jenkins --- content/core-developers/default-properties.html | 3 +++ content/security/index.html | 14 ++ 2 files changed, 13 insertions(+), 4 deletions(-) diff --git a/content/core-developers/default-properties.html b/content/core-developers/default-properties.html index 82e08be14..11f58ec67 100644 --- a/content/core-developers/default-properties.html +++ b/content/core-developers/default-properties.html @@ -379,6 +379,9 @@ struts.xslt.nocache=false ### Whether to always select the namespace to be everything before the last slash or not struts.mapper.alwaysSelectFullNamespace=false +### Whether to fallback to empty namespace when request namespace does not match any in configuration +struts.actionConfig.fallbackToEmptyNamespace=true + ### Whether to allow static field access in OGNL expressions or not struts.ognl.allowStaticFieldAccess=true diff --git a/content/security/index.html b/content/security/index.html index edb42891b..2f6061c83 100644 --- a/content/security/index.html +++ b/content/security/index.html @@ -608,10 +608,16 @@ with other known dangerous classes or packages in your application. We additionally recommend enabling the following options (enabled by default in 7.0). - struts.ognl.allowStaticFieldAccess=false - static methods are always blocked, but static fields can also optionally be blocked - struts.disallowProxyMemberAccess=true - disallow proxied objects from being used in OGNL expressions as they may present a security risk - struts.disallowDefaultPackageAccess=true - disallow access to classes in the default package which should not be used in production - struts.ognl.disallowCustomOgnlMap=true - disallow construction of custom OGNL maps which can be used to bypass the SecurityMemberAccess policy + struts.ognl.allowStaticFieldAccess=false - static field values which aren’t a primitive type can be used to access +classes that wouldn’t otherwise be accessible + struts.disallowProxyObjectAccess=true - disallow proxied objects from being used in OGNL expressions as these often +represent application beans or database entities which are sensitive + struts.disallowDefaultPackageAccess=true - disallow access to classes in the default package which should not be +used in production + struts.ognl.disallowCustomOgnlMap=true - disallow construction of custom OGNL maps which can be used to bypass the +SecurityMemberAccess policy + struts.actionConfig.fallbackToEmptyNamespace=false - prevent Actions in the empty namespace from being accessed from +alternative endpoints Allowlist Capability
(struts-site) branch asf-staging updated: Updates stage by Jenkins
This is an automated email from the ASF dual-hosted git repository. git-site-role pushed a commit to branch asf-staging in repository https://gitbox.apache.org/repos/asf/struts-site.git The following commit(s) were added to refs/heads/asf-staging by this push: new a47f81e04 Updates stage by Jenkins a47f81e04 is described below commit a47f81e0482b35b2cdcc21b4853724e9e81cf879 Author: jenkins AuthorDate: Thu Mar 28 11:57:08 2024 + Updates stage by Jenkins --- content/plugins/tiles/index.html | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/content/plugins/tiles/index.html b/content/plugins/tiles/index.html index 83f1258db..c75e28b8f 100644 --- a/content/plugins/tiles/index.html +++ b/content/plugins/tiles/index.html @@ -194,7 +194,7 @@ configuration will be similar to: Register the Tiles listener. This listener will typically either be the standard tiles listener org.apache.tiles.listener.TilesListener -or the Struts2 replacement org.apache.struts2.tiles.TilesListener. The latter provides tighter integration with +or the Struts2 replacement org.apache.struts2.tiles.StrutsTilesListener. The latter provides tighter integration with Struts features such as freemarker integration. listener
(struts-site) branch asf-staging updated: Updates stage by Jenkins
This is an automated email from the ASF dual-hosted git repository. git-site-role pushed a commit to branch asf-staging in repository https://gitbox.apache.org/repos/asf/struts-site.git The following commit(s) were added to refs/heads/asf-staging by this push: new 7a5a86c79 Updates stage by Jenkins 7a5a86c79 is described below commit 7a5a86c79595b2b262cd622d33bd7c19822b3609 Author: jenkins AuthorDate: Mon Mar 25 09:15:42 2024 + Updates stage by Jenkins --- .../ajax-client-side-validation.html | 84 ++--- content/plugins/json/index.html| 12 +-- content/plugins/json/json-ajax-validation.html | 86 +++--- .../ajax-and-javascript-recipes.html | 78 ++-- content/tag-developers/ajax-div-template.html | 12 +-- content/tag-developers/ajax-event-system.html | 4 +- 6 files changed, 138 insertions(+), 138 deletions(-) diff --git a/content/core-developers/ajax-client-side-validation.html b/content/core-developers/ajax-client-side-validation.html index 396dfbea1..9570c2e5f 100644 --- a/content/core-developers/ajax-client-side-validation.html +++ b/content/core-developers/ajax-client-side-validation.html @@ -509,21 +509,21 @@ It takes care of hiding validation errors that might be present, submit the form * * @param event onSubmit event */ -function ajaxFormValidation(event) { -event.preventDefault(); -_removeValidationErrors(); -var _form = $(event.target); -var _formData = _form.serialize(true); +function ajaxFormValidation(event) { +event.preventDefault(); +_removeValidationErrors(); +var _form = $(event.target); +var _formData = _form.serialize(true); // prepare visual feedback // you may want to use other elements here -var originalButton = _form.find('.btn-primary'); +var originalButton = _form.find('.btn-primary'); // note: jQuery returns an array-like object -if (originalButton originalButton.length originalButton.length 0) { -originalButton.hide(); -var feedbackElement = $('div class="ajaxVisualFeedback"/div').insertAfter(originalButton); +if (originalButton originalButton.length originalButton.length 0) { +originalButton.hide(); +var feedbackElement = $('div class="ajaxVisualFeedback"/div').insertAfter(originalButton); var restoreFunction = function() { -originalButton.show(); -feedbackElement.remove(); +originalButton.show(); +feedbackElement.remove(); } } var options = { @@ -531,48 +531,48 @@ It takes care of hiding validation errors that might be present, submit the form async: true, processData: false, type: 'POST', -success: function (response, statusText, xhr) { -if (response.location) { +success: function (response, statusText, xhr) { +if (response.location) { // no validation errors // action has been executed and sent a redirect URL wrapped as JSON // cannot use a normal http-redirect (status-code 3xx) as this would be followed by browsers and would not be available here // follow JSON-redirect window.location.href = response.location; } else { -if (restoreFunction) { -restoreFunction(); +if (restoreFunction) { +restoreFunction(); } -_handleValidationResult(_form, response); +_handleValidationResult(_form, response); } }, error: function(xhr, textStatus, errorThrown) { -if (restoreFunction) { -restoreFunction(); +if (restoreFunction) { +restoreFunction(); } // struts sends status code 400 when validation errors are present -if (xhr.status === 400) { -_handleValidationResult(_form, JSON.parse(xhr.responseText)) +if (xhr.status === 400) { +_handleValidationResult(_form, JSON.parse(xhr.responseText)) } else { // a real error occurred - show user an error message -_handleValidationResult(_form, {errors: ['Network or server error!']}) +_handleValidationResult(_form, {errors: ['Network or server error!']}) } } } // send request, after delay to make sure everybody notices the visual feedback :) -window.setTimeout(function() { +window.setTimeout(function() { var url = _form[0].action; -jQuery.ajax(url, options); +jQuery.ajax(url, options); }, 1000); } /** * Removes validation errors from HTML DOM. */ -function _removeValidationErrors() { +function _removeValidationErrors() { // action
(struts-site) branch asf-staging updated: Updates stage by Jenkins
This is an automated email from the ASF dual-hosted git repository. git-site-role pushed a commit to branch asf-staging in repository https://gitbox.apache.org/repos/asf/struts-site.git The following commit(s) were added to refs/heads/asf-staging by this push: new 3b462cfe3 Updates stage by Jenkins 3b462cfe3 is described below commit 3b462cfe3cee3c805333496d98967c2493419cf0 Author: jenkins AuthorDate: Sun Mar 24 20:48:29 2024 + Updates stage by Jenkins --- content/core-developers/action-file-upload-interceptor.html | 2 ++ content/core-developers/file-upload-interceptor.html| 2 ++ 2 files changed, 4 insertions(+) diff --git a/content/core-developers/action-file-upload-interceptor.html b/content/core-developers/action-file-upload-interceptor.html index b1f048d09..74cefb55b 100644 --- a/content/core-developers/action-file-upload-interceptor.html +++ b/content/core-developers/action-file-upload-interceptor.html @@ -200,6 +200,8 @@ and which are not. Examples +See this page for more examples and advanced configuration. + Example action mapping: action name="doUpload" class="com.example.UploadAction" diff --git a/content/core-developers/file-upload-interceptor.html b/content/core-developers/file-upload-interceptor.html index 5986154e4..f7f65df88 100644 --- a/content/core-developers/file-upload-interceptor.html +++ b/content/core-developers/file-upload-interceptor.html @@ -208,6 +208,8 @@ and which are not. Examples +See this page for more examples and advanced configuration. + Example action mapping: action name="doUpload" class="com.example.UploadAction"
(struts-site) branch asf-staging updated: Updates stage by Jenkins
This is an automated email from the ASF dual-hosted git repository. git-site-role pushed a commit to branch asf-staging in repository https://gitbox.apache.org/repos/asf/struts-site.git The following commit(s) were added to refs/heads/asf-staging by this push: new bb83e5427 Updates stage by Jenkins bb83e5427 is described below commit bb83e54274831024d1be8c53daf8188108d5a525 Author: jenkins AuthorDate: Sun Mar 17 16:46:33 2024 + Updates stage by Jenkins --- content/core-developers/action-file-upload.html | 67 +++-- 1 file changed, 52 insertions(+), 15 deletions(-) diff --git a/content/core-developers/action-file-upload.html b/content/core-developers/action-file-upload.html index a37f9c2ab..8ceb5afcc 100644 --- a/content/core-developers/action-file-upload.html +++ b/content/core-developers/action-file-upload.html @@ -159,10 +159,7 @@ Example JSP form tags: - Uploading Multiple Files - Uploading Multiple Files using Arrays - - + Uploading Multiple Files Advanced Configuration Files Number Limit File Size Limits @@ -216,8 +213,8 @@ example: /s:form -The actionFileUpload interceptor will use a dedicated interface org.apache.struts2.action.UploadedFilesAware to transfer -information and content of uploaded file. Your action should implement the interface to receive the uploaded file: +The actionFileUpload interceptor will use a dedicated interface org.apache.struts2.action.UploadedFilesAware +to transfer information and content of uploaded file. Your action should implement the interface to receive the uploaded file: public class UploadAction extends ActionSupport implements UploadedFilesAware { @@ -248,15 +245,12 @@ information and content of uploaded file. Your action should implement the inter As mentioned in the previous section one technique for uploading multiple files would be to simply have multiple form input elements of type file all with different names. This would require a number of setter methods that was equal to 3 times the number of files being uploaded. Another option is to use Arrays or java.util.Lists. The following examples are -taken from the Showcase example application that is part sample applications you can download -at http://struts.apache.org/download.cgi;>http://struts.apache.org/download.cgi. For the Action mapping details -see struts-fileupload.xml in the sample application download. - -Uploading Multiple Files using Arrays +taken from the Showcase example application that is part sample applications you can download at http://struts.apache.org/download.cgi;>download. +For the Action mapping details see struts-fileupload.xml in the sample application download. -multipleUploadUsingArray.jsp Notice all file input types have the same name. +multipleUploadUsingList.jsp Notice all file input types have the same name. -s:form action="doMultipleUploadUsingArray" method="POST" enctype="multipart/form-data" +s:form action="multipleFileUploadUsingList" method="POST" enctype="multipart/form-data" s:file label="File (1)" name="upload"/ s:file label="File (2)" name="upload"/ s:file label="FIle (3)" name="upload"/ @@ -264,8 +258,51 @@ see struts-fileupload.xml/s:form -The org.apache.struts2.action.UploadedFilesAware interface already supports uploading multiple files, you do not need -to follow the below example. +The org.apache.struts2.action.UploadedFilesAware interface already supports uploading multiple files: + +public class MultipleFileUploadUsingListAction extends ActionSupport implements UploadedFilesAware { + +private ListUploadedFile uploads = new ArrayList(); + +public ListUploadedFile getUpload() { +return this.uploads; +} + +@Override +public void withUploadedFiles(ListUploadedFile uploads) { +this.uploads = uploads; +} + +private ListString getUploadFileNames() { +return this.uploads.stream() +.map(UploadedFile::getOriginalName) +.collect(Collectors.toList()); +} + +private ListString getUploadContentTypes() { +return this.uploads.stream() +.map(UploadedFile::getContentType) +.collect(Collectors.toList()); +} + +public String execute() throws Exception { +System.out.println("files:"); +for (UploadedFile u : uploads) { +System.out.println("*** " + u + "\t" + u.length()); +} +System.out.println("filenames:"); +for (String n : getUploadFileNames()) { +System.out.println("*** " + n); +} +System.out.println("content types:"); +for (String c : getUploadContentTypes()) { +System.out.println("*** " + c); +} +System.out.println("\n\n"); +return SUCCESS; +} +} + Advanced Configuration
(struts-site) branch asf-staging updated: Updates stage by Jenkins
This is an automated email from the ASF dual-hosted git repository. git-site-role pushed a commit to branch asf-staging in repository https://gitbox.apache.org/repos/asf/struts-site.git The following commit(s) were added to refs/heads/asf-staging by this push: new 1c11c63e0 Updates stage by Jenkins 1c11c63e0 is described below commit 1c11c63e05474c4ba0042fede4c0bdea530704ca Author: jenkins AuthorDate: Sun Mar 17 09:33:53 2024 + Updates stage by Jenkins --- content/core-developers/action-file-upload-interceptor.html | 12 content/core-developers/file-upload-interceptor.html| 8 +++- content/core-developers/interceptors.html | 2 +- 3 files changed, 16 insertions(+), 6 deletions(-) diff --git a/content/core-developers/action-file-upload-interceptor.html b/content/core-developers/action-file-upload-interceptor.html index cac2831bc..b1f048d09 100644 --- a/content/core-developers/action-file-upload-interceptor.html +++ b/content/core-developers/action-file-upload-interceptor.html @@ -150,11 +150,15 @@ << back to Interceptors -Action File Upload Interceptor +Action File Upload Interceptor - - Available since Struts 6.4.0 as replacement for File Upload Interceptor - + + Parameters + Extending the Interceptor + Examples + + +Available since Struts 6.4.0 as replacement for File Upload Interceptor See this page for more examples and advanced configuration. diff --git a/content/core-developers/file-upload-interceptor.html b/content/core-developers/file-upload-interceptor.html index a9ef1e554..5986154e4 100644 --- a/content/core-developers/file-upload-interceptor.html +++ b/content/core-developers/file-upload-interceptor.html @@ -150,7 +150,13 @@ << back to Interceptors -File Upload Interceptor +File Upload Interceptor + + + Parameters + Extending the Interceptor + Examples + Since Struts 6.4.0 this interceptor is deprecated, please use Action File Upload Interceptor instead! diff --git a/content/core-developers/interceptors.html b/content/core-developers/interceptors.html index 8c8b7cdd4..1821f881d 100644 --- a/content/core-developers/interceptors.html +++ b/content/core-developers/interceptors.html @@ -640,7 +640,7 @@ specified in the intercep File Upload Interceptor fileUpload - DEPERECTED since Struts 6.4.0: an Interceptor that adds easy access to file upload support. + DEPRECTED since Struts 6.4.0: an Interceptor that adds easy access to file upload support. I18n Interceptor
(struts-site) branch asf-staging updated: Updates stage by Jenkins
This is an automated email from the ASF dual-hosted git repository. git-site-role pushed a commit to branch asf-staging in repository https://gitbox.apache.org/repos/asf/struts-site.git The following commit(s) were added to refs/heads/asf-staging by this push: new 26bb2d7fc Updates stage by Jenkins 26bb2d7fc is described below commit 26bb2d7fc6b5f3be3cc57b502913c6e5417f3092 Author: jenkins AuthorDate: Sat Mar 16 15:52:09 2024 + Updates stage by Jenkins --- .../action-file-upload-interceptor.html| 2 +- .../{file-upload.html => action-file-upload.html} | 218 ++--- content/core-developers/file-upload.html | 50 + 3 files changed, 23 insertions(+), 247 deletions(-) diff --git a/content/core-developers/action-file-upload-interceptor.html b/content/core-developers/action-file-upload-interceptor.html index 310dffc9d..7f8b86562 100644 --- a/content/core-developers/action-file-upload-interceptor.html +++ b/content/core-developers/action-file-upload-interceptor.html @@ -156,7 +156,7 @@ Available since Struts 6.4.0 as replacement for File Upload Interceptor -See this page for more examples and advanced configuration. +See this page for more examples and advanced configuration. Interceptor that is based off of MultiPartRequestWrapper, which is automatically applied for any request that includes a file. If an action implements org.apache.struts2.action.UploadedFilesAware interface, the interceptor will pass diff --git a/content/core-developers/file-upload.html b/content/core-developers/action-file-upload.html similarity index 61% copy from content/core-developers/file-upload.html copy to content/core-developers/action-file-upload.html index b3e1253f5..f6e1d9988 100644 --- a/content/core-developers/file-upload.html +++ b/content/core-developers/action-file-upload.html @@ -7,7 +7,7 @@ - File Upload + Action File Upload @@ -146,23 +146,21 @@ -https://github.com/apache/struts-site/edit/master/source/core-developers/file-upload.md; title="Edit this page on GitHub">Edit on GitHub +https://github.com/apache/struts-site/edit/master/source/core-developers/action-file-upload.md; title="Edit this page on GitHub">Edit on GitHub << back to Action File Upload Interceptor -File Upload +Action File Upload Dependencies Basic Usage Example action mapping: Example JSP form tags: - Example Action class: Uploading Multiple Files Uploading Multiple Files using Arrays - Uploading Multiple Files using Lists Advanced Configuration @@ -191,16 +189,11 @@ than the temporary directory and the directories that belong to your web applica The Struts 2 framework leverages the Commons FileUpload library as a based library to support file upload in the framework. The library is included in a base Struts 2 distribution. - - NOTE: Since Struts 6.4.0 the FileUploadInterceptor is deprecated, and you should use ActionFileUploadInterceptor instead! - - Basic Usage -The org.apache.struts2.interceptor.FileUploadInterceptor and org.apache.struts2.interceptor.ActionFileUploadInterceptor -interceptors are included as part of the defaultStack and named appropriately: fileUpload and actionFileUpload. -As long as the required libraries are added to your project you will be able to take advantage of the Struts 2 file upload -capability. Configure an Action mapping for your Action class as you typically would. +The org.apache.struts2.interceptor.ActionFileUploadInterceptor interceptor is included as part of the defaultStack +and named actionFileUpload. As long as the required libraries are added to your project you will be able to take +advantage of the Struts 2 file upload capability. Configure an Action mapping for your Action class as you typically would. Example action mapping: @@ -250,71 +243,6 @@ information and content of uploaded file. Your action should implement the inter } -Deprecated approach: the fileUpload interceptor will use setter injection to insert the uploaded file and related data into your Action -class. For a form field named upload you would provide the three setter methods shown in the following example: - -Example Action class: - -package com.example; - -import java.io.File; - -import com.opensymphony.xwork2.ActionSupport; - -public class UploadAction extends ActionSupport { -private File file; -private String contentType; -private String filename; - -@StrutsParameter -public void setUpload(File file) { -this.file = file; -} - -@StrutsParameter -public void setUploadContentType(String contentType) { -this.contentType = contentType; -} - -@StrutsParameter -public void setUploadFileName(String filename) { -this.filename = filename; -} - -public String execute() { -//... -return SUCCESS; -
(struts-site) branch asf-staging updated: Updates stage by Jenkins
This is an automated email from the ASF dual-hosted git repository. git-site-role pushed a commit to branch asf-staging in repository https://gitbox.apache.org/repos/asf/struts-site.git The following commit(s) were added to refs/heads/asf-staging by this push: new 82a62dc62 Updates stage by Jenkins 82a62dc62 is described below commit 82a62dc62b9e4a6e5cd494bb40c4b42c06552476 Author: jenkins AuthorDate: Thu Mar 14 13:00:33 2024 + Updates stage by Jenkins
(struts-site) branch asf-staging updated: Updates stage by Jenkins
This is an automated email from the ASF dual-hosted git repository. git-site-role pushed a commit to branch asf-staging in repository https://gitbox.apache.org/repos/asf/struts-site.git The following commit(s) were added to refs/heads/asf-staging by this push: new 6fdf23f12 Updates stage by Jenkins 6fdf23f12 is described below commit 6fdf23f1245ccc06b2c76a54079c2282c503265d Author: jenkins AuthorDate: Thu Mar 14 12:45:40 2024 + Updates stage by Jenkins --- content/core-developers/file-upload-interceptor.html | 2 +- content/core-developers/file-upload.html | 6 -- 2 files changed, 5 insertions(+), 3 deletions(-) diff --git a/content/core-developers/file-upload-interceptor.html b/content/core-developers/file-upload-interceptor.html index 7aa55be6a..7ae6fa0e3 100644 --- a/content/core-developers/file-upload-interceptor.html +++ b/content/core-developers/file-upload-interceptor.html @@ -153,7 +153,7 @@ File Upload Interceptor - Since Struts 6.4.0 this interceptor is deprecated, please use Action FileUpload Interceptor instead! + Since Struts 6.4.0 this interceptor is deprecated, please use Action File Upload Interceptor instead! See this page for more examples and advanced configuration. diff --git a/content/core-developers/file-upload.html b/content/core-developers/file-upload.html index 124b60edf..b3e1253f5 100644 --- a/content/core-developers/file-upload.html +++ b/content/core-developers/file-upload.html @@ -146,8 +146,10 @@ -<< back to Core Developers Guide https://github.com/apache/struts-site/edit/master/source/core-developers/file-upload.md; title="Edit this page on GitHub">Edit on GitHub + +<< back to Action File Upload Interceptor + File Upload @@ -190,7 +192,7 @@ than the temporary directory and the directories that belong to your web applica The library is included in a base Struts 2 distribution. - NOTE: Since Struts 6.4.0 the FileUploadInterceptor is deprecated and you should use ActionFileUploadInterceptor instead! + NOTE: Since Struts 6.4.0 the FileUploadInterceptor is deprecated, and you should use ActionFileUploadInterceptor instead! Basic Usage
(struts-site) branch asf-staging updated: Updates stage by Jenkins
This is an automated email from the ASF dual-hosted git repository. git-site-role pushed a commit to branch asf-staging in repository https://gitbox.apache.org/repos/asf/struts-site.git The following commit(s) were added to refs/heads/asf-staging by this push: new a34cb2a33 Updates stage by Jenkins a34cb2a33 is described below commit a34cb2a3312f44797279690cbd35b447aedf200d Author: jenkins AuthorDate: Wed Mar 6 06:10:43 2024 + Updates stage by Jenkins --- content/core-developers/csp-interceptor.html | 5 - 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/content/core-developers/csp-interceptor.html b/content/core-developers/csp-interceptor.html index 2b161917b..d088c1512 100644 --- a/content/core-developers/csp-interceptor.html +++ b/content/core-developers/csp-interceptor.html @@ -173,12 +173,15 @@ header is sent and Content-Se CSP is now supported by all major browsers. https://developer.mozilla.org/en-US/docs/Web/HTTP/CSP;>More information about CSP. +The interceptor adds a nonce value automatically to to s:script and s:link tags. This provides a painless way to +implement CSP in a highly secure fashion. + Parameters enforcingMode (default false) - When set to “true”, the enforce mode has been enabled, and the provided policy is going to be enforced. - reportUri - an uri under, which the violations have to be reported. + reportUri - an uri under which the violations will be reported. prependServletContext (default true) - a flag to prepend or not the Servlet context to the reportUri
(struts-site) branch asf-staging updated: Updates stage by Jenkins
This is an automated email from the ASF dual-hosted git repository. git-site-role pushed a commit to branch asf-staging in repository https://gitbox.apache.org/repos/asf/struts-site.git The following commit(s) were added to refs/heads/asf-staging by this push: new 6c901420e Updates stage by Jenkins 6c901420e is described below commit 6c901420e4c79d936da21ea19ea89c2f8efb2991 Author: jenkins AuthorDate: Wed Feb 21 21:38:56 2024 + Updates stage by Jenkins --- content/tag-developers/file-tag.html | 2 +- content/volunteers.html | 1 + 2 files changed, 2 insertions(+), 1 deletion(-) diff --git a/content/tag-developers/file-tag.html b/content/tag-developers/file-tag.html index d34f9e412..6b7ee345a 100644 --- a/content/tag-developers/file-tag.html +++ b/content/tag-developers/file-tag.html @@ -533,7 +533,7 @@ false String -Preset the value of input element. +Ignored during file upload diff --git a/content/volunteers.html b/content/volunteers.html index 5cb8dac0d..ef113046e 100644 --- a/content/volunteers.html +++ b/content/volunteers.html @@ -204,6 +204,7 @@ or committee member. Mathias Bogaert (pathos at apache.org) John Lindal (jafl at apache.org) Bruce A. Phillips (bphillips at apache.org) + Kusal Kithul-Godage (kusal at apache.org) Emeritus Volunteers
(struts-site) branch asf-staging updated: Updates stage by Jenkins
This is an automated email from the ASF dual-hosted git repository. git-site-role pushed a commit to branch asf-staging in repository https://gitbox.apache.org/repos/asf/struts-site.git The following commit(s) were added to refs/heads/asf-staging by this push: new 954ff3d78 Updates stage by Jenkins 954ff3d78 is described below commit 954ff3d78ef5de44b32845fd2fb41f87d95aa097 Author: jenkins AuthorDate: Fri Feb 9 06:43:54 2024 + Updates stage by Jenkins
(struts-site) branch asf-staging updated: Updates stage by Jenkins
This is an automated email from the ASF dual-hosted git repository. git-site-role pushed a commit to branch asf-staging in repository https://gitbox.apache.org/repos/asf/struts-site.git The following commit(s) were added to refs/heads/asf-staging by this push: new ff0eb98b9 Updates stage by Jenkins ff0eb98b9 is described below commit ff0eb98b96131d8f9a5fac0ef909bd39bb0f4287 Author: jenkins AuthorDate: Fri Feb 9 02:14:12 2024 + Updates stage by Jenkins --- content/plugins/plugins-architecture.html | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/content/plugins/plugins-architecture.html b/content/plugins/plugins-architecture.html index 72b5c3a72..8d3f865bb 100644 --- a/content/plugins/plugins-architecture.html +++ b/content/plugins/plugins-architecture.html @@ -306,7 +306,7 @@ For example, a plugin could provide a new class to create Action classes or map struts.velocity.manager.classname Loads and processes Velocity templates singleton - org.apache.struts2.views.velocity.VelocityManager + org.apache.struts2.views.velocity.VelocityManagerInterface struts.actionValidatorManager @@ -699,7 +699,7 @@ with no-arguments constructor: @Override public void register(ContainerBuilder builder, LocatableProperties props) throws ConfigurationException { -alias(VelocityManager.class, VelocityConstants.STRUTS_VELOCITY_MANAGER_CLASSNAME, builder, props); +alias(VelocityManagerInterface.class, VelocityConstants.STRUTS_VELOCITY_MANAGER_CLASSNAME, builder, props); } }
(struts-site) branch asf-staging updated: Updates stage by Jenkins
This is an automated email from the ASF dual-hosted git repository. git-site-role pushed a commit to branch asf-staging in repository https://gitbox.apache.org/repos/asf/struts-site.git The following commit(s) were added to refs/heads/asf-staging by this push: new 7d0e1689d Updates stage by Jenkins 7d0e1689d is described below commit 7d0e1689d2229851ed01ce28a6d2cf1215b4c8dd Author: jenkins AuthorDate: Sat Feb 3 16:44:11 2024 + Updates stage by Jenkins
(struts-site) branch asf-staging updated: Updates stage by Jenkins
This is an automated email from the ASF dual-hosted git repository. git-site-role pushed a commit to branch asf-staging in repository https://gitbox.apache.org/repos/asf/struts-site.git The following commit(s) were added to refs/heads/asf-staging by this push: new e1718d71e Updates stage by Jenkins e1718d71e is described below commit e1718d71e91bf7b2aeeff988401f23207dca70be Author: jenkins AuthorDate: Sat Feb 3 16:42:27 2024 + Updates stage by Jenkins --- content/plugins/tiles/index.html | 157 +-- 1 file changed, 83 insertions(+), 74 deletions(-) diff --git a/content/plugins/tiles/index.html b/content/plugins/tiles/index.html index c7fe6cd11..83f1258db 100644 --- a/content/plugins/tiles/index.html +++ b/content/plugins/tiles/index.html @@ -155,6 +155,7 @@ Features Usage + Accessing Struts attributes I18N @@ -180,90 +181,98 @@ look and feel. It can be used for both page decorating and componentization. The following steps must be taken in order to enable tiles support within your Struts2 application: - Include the struts-tiles-plugin as a dependency in your web application. If you are using maven2, the dependency - configuration will be similar to: - ```xml - - -org.apache.struts -struts2-tiles-plugin -${version.tiles} - - -2. Register the Tiles listener. This listener will typically either be the standard tiles listener `org.apache.tiles.listener.TilesListener` - or the Struts2 replacement `org.apache.struts2.tiles.TilesListener`. The latter provides tighter integration with - Struts features such as freemarker integration. - ```xml - listener - listener-classorg.apache.struts2.tiles.StrutsTilesListener/listener-class - /listener - + +Include the struts-tiles-plugin as a dependency in your web application. If you are using maven2, the dependency +configuration will be similar to: + +dependency + groupIdorg.apache.struts/groupId + artifactIdstruts2-tiles-plugin/artifactId + version${version.tiles}/version +/dependency + + + +Register the Tiles listener. This listener will typically either be the standard tiles listener org.apache.tiles.listener.TilesListener +or the Struts2 replacement org.apache.struts2.tiles.TilesListener. The latter provides tighter integration with +Struts features such as freemarker integration. + +listener + listener-classorg.apache.struts2.tiles.StrutsTilesListener/listener-class +/listener + + + +All package definitions, which require tiles support, must either extend the tiles-default package or must register +the Tiles Result type definition. - - All package definitions, which require tiles support, must either extend the tiles-default package or must register - the Tiles Result type definition. - ```xml - - - - - -4. Configure your actions to utilize a tiles definition: - ```xml - action name="sample" class="org.apache.struts2.tiles.example.SampleAction" -result name="success" type="tiles"tilesWorks/result - /action - +result-types + result-type name="tiles" class="org.apache.struts2.views.tiles.TilesResult"/ +/result-types + + + +Configure your actions to utilize a tiles definition: - - Instead of xml configuration you can use annotations - @Result(name = "success", type="tiles") - @TilesDefinition(extend = "fooLayout", putAttributes = { - @TilesPutAttribute(name = "header", value = "/WEB-INF/tiles/header.jsp"), - @TilesPutAttribute(name = "body", value = "/WEB-INF/tiles/body.ftl") - }) - public class FooAction extends ActionSupport { +action name="sample" class="org.apache.struts2.tiles.example.SampleAction" + result name="success" type="tiles"tilesWorks/result +/action + + + +Instead of xml configuration you can use annotations + +@Result(name = "success", type="tiles") +@TilesDefinition(extend = "fooLayout", putAttributes = { +@TilesPutAttribute(name = "header", value = "/WEB-INF/tiles/header.jsp"), +@TilesPutAttribute(name = "body", value = "/WEB-INF/tiles/body.ftl") +}) +public class FooAction extends ActionSupport { + + + +You have to define Tiles Definitions in a tiles.xml file. That can be placed in resources or in WEB-INF. + +!DOCTYPE tiles-definitions PUBLIC +"-//Apache Software Foundation//DTD Tiles Configuration 3.0//EN" +"http://tiles.apache.org/dtds/tiles-config_3_0.dtd"; +tiles-definitions + +definition name="fooLayout" template="/WEB-INF/tiles/layout.jsp" +put-attribute name="title" value="Tiles Sample"/ +put-attribute name="header" value=".header"/ +put-attribute name="body" value=".bodyp"/ +/definition + +definition name="tilesWorks" extends="fooLayout" +put-attribute name="header" value="/WEB-INF/tiles/header.jsp"/ +put-attribute name="body" value="/WEB-INF/tiles/body.jsp"/ +/definition +
(struts-site) branch asf-staging updated: Updates stage by Jenkins
This is an automated email from the ASF dual-hosted git repository. git-site-role pushed a commit to branch asf-staging in repository https://gitbox.apache.org/repos/asf/struts-site.git The following commit(s) were added to refs/heads/asf-staging by this push: new bfe5f6220 Updates stage by Jenkins bfe5f6220 is described below commit bfe5f6220baefc4c79580abc9194907aba220e92 Author: jenkins AuthorDate: Sat Feb 3 16:17:13 2024 + Updates stage by Jenkins --- content/plugins/tiles/index.html | 138 ++- 1 file changed, 63 insertions(+), 75 deletions(-) diff --git a/content/plugins/tiles/index.html b/content/plugins/tiles/index.html index 29508682b..c7fe6cd11 100644 --- a/content/plugins/tiles/index.html +++ b/content/plugins/tiles/index.html @@ -155,7 +155,6 @@ Features Usage - Accessing Struts attributes I18N @@ -182,103 +181,92 @@ look and feel. It can be used for both page decorating and componentization. Include the struts-tiles-plugin as a dependency in your web application. If you are using maven2, the dependency - configuration will be similar to: + configuration will be similar to: + ```xml - - dependency -groupIdorg.apache.struts/groupId -artifactIdstruts2-tiles-plugin/artifactId -version${version.tiles}/version - /dependency - - - Register the Tiles listener. This listener will typically either be the standard tiles listener org.apache.tiles.listener.TilesListener - or the Struts2 replacement org.apache.struts2.tiles.TilesListener. The latter provides tighter integration with - Struts features such as freemarker integration. - - - listener -listener-classorg.apache.struts2.tiles.StrutsTilesListener/listener-class - /listener + +org.apache.struts +struts2-tiles-plugin +${version.tiles} + + +2. Register the Tiles listener. This listener will typically either be the standard tiles listener `org.apache.tiles.listener.TilesListener` + or the Struts2 replacement `org.apache.struts2.tiles.TilesListener`. The latter provides tighter integration with + Struts features such as freemarker integration. + ```xml + listener + listener-classorg.apache.struts2.tiles.StrutsTilesListener/listener-class + /listener All package definitions, which require tiles support, must either extend the tiles-default package or must register - the Tiles Result type definition. - - - result-types -result-type name="tiles" class="org.apache.struts2.views.tiles.TilesResult"/ - /result-types - - - - Configure your actions to utilize a tiles definition: + the Tiles Result type definition. + ```xml - - action name="sample" class="org.apache.struts2.tiles.example.SampleAction" -result name="success" type="tiles"tilesWorks/result - /action + + + + +4. Configure your actions to utilize a tiles definition: + ```xml + action name="sample" class="org.apache.struts2.tiles.example.SampleAction" +result name="success" type="tiles"tilesWorks/result + /action - Instead of xml configuration you can use annotations - - - @Result(name = "success", type="tiles") + Instead of xml configuration you can use annotations + @Result(name = "success", type="tiles") @TilesDefinition(extend = "fooLayout", putAttributes = { - @TilesPutAttribute(name = "header", value = "/WEB-INF/tiles/header.jsp"), - @TilesPutAttribute(name = "body", value = "/WEB-INF/tiles/body.ftl") + @TilesPutAttribute(name = "header", value = "/WEB-INF/tiles/header.jsp"), + @TilesPutAttribute(name = "body", value = "/WEB-INF/tiles/body.ftl") }) public class FooAction extends ActionSupport { - - - - You have to define Tiles Definitions in a tiles.xml file. That can be placed in resources or in WEB-INF. + + + You have to define Tiles Definitions in a tiles.xml file. That can be placed in resources or in WEB-INF. + ```xml + !DOCTYPE tiles-definitions PUBLIC + “-//Apache Software Foundation//DTD Tiles Configuration 3.0//EN” + “http://tiles.apache.org/dtds/tiles-config_3_0.dtd”; - - !DOCTYPE tiles-definitions PUBLIC - "-//Apache Software Foundation//DTD Tiles Configuration 3.0//EN" - "http://tiles.apache.org/dtds/tiles-config_3_0.dtd"; - tiles-definitions + - definition name="fooLayout" template="/WEB-INF/tiles/layout.jsp" - put-attribute name="title" value="Tiles Sample"/ - put-attribute name="header" value=".header"/ - put-attribute name="body" value=".bodyp"/ - /definition + + + + + - definition name="tilesWorks" extends="fooLayout" - put-attribute name="header" value="/WEB-INF/tiles/header.jsp"/ - put-attribute name="body" value="/WEB-INF/tiles/body.jsp"/ - /definition + + + + - /tiles-definitions - - -As from Struts 2.3.28, the plugin automatically loads
(struts-site) branch asf-staging updated: Updates stage by Jenkins
This is an automated email from the ASF dual-hosted git repository. git-site-role pushed a commit to branch asf-staging in repository https://gitbox.apache.org/repos/asf/struts-site.git The following commit(s) were added to refs/heads/asf-staging by this push: new 33da120ed Updates stage by Jenkins 33da120ed is described below commit 33da120ed2e79738d0f29a6f2021210f3db995d8 Author: jenkins AuthorDate: Sat Feb 3 15:20:45 2024 + Updates stage by Jenkins --- content/plugins/tiles/index.html | 129 +++ 1 file changed, 62 insertions(+), 67 deletions(-) diff --git a/content/plugins/tiles/index.html b/content/plugins/tiles/index.html index 0b3f05e38..29508682b 100644 --- a/content/plugins/tiles/index.html +++ b/content/plugins/tiles/index.html @@ -164,8 +164,8 @@ Installation -Tiles is a templating framework designed to easily allow the creation of web application pages with a consistent look and feel. It can -be used for both page decorating and componentization. +Tiles is a templating framework designed to easily allow the creation of web application pages with a consistent +look and feel. It can be used for both page decorating and componentization. The Tiles plugin allows actions to return Tiles pages. @@ -181,91 +181,85 @@ be used for both page decorating and componentization. The following steps must be taken in order to enable tiles support within your Struts2 application: - Include the struts-tiles-plugin as a dependency in your web application. If you are using maven2, the dependency configuration will - be similar to: + Include the struts-tiles-plugin as a dependency in your web application. If you are using maven2, the dependency + configuration will be similar to: -dependency - groupIdorg.apache.struts/groupId - artifactIdstruts2-tiles-plugin/artifactId - version${version.tiles}/version -/dependency - + dependency +groupIdorg.apache.struts/groupId +artifactIdstruts2-tiles-plugin/artifactId +version${version.tiles}/version + /dependency - - Register the tiles listener. This listener will typically either be the standard tiles listener org.apache.tiles.listener.TilesListener - or the Struts2 replacement org.apache.struts2.tiles.TilesListener. The latter provides tighter integration with Struts features such - as freemarker integration. + Register the Tiles listener. This listener will typically either be the standard tiles listener org.apache.tiles.listener.TilesListener + or the Struts2 replacement org.apache.struts2.tiles.TilesListener. The latter provides tighter integration with + Struts features such as freemarker integration. -listener - listener-classorg.apache.struts2.tiles.StrutsTilesListener/listener-class -/listener - + listener +listener-classorg.apache.struts2.tiles.StrutsTilesListener/listener-class + /listener - All package definitions which require tiles support must either extend the tiles-default package or must register - the [Tiles Result] type definition. + All package definitions, which require tiles support, must either extend the tiles-default package or must register + the Tiles Result type definition. -result-types - result-type name="tiles" class="org.apache.struts2.views.tiles.TilesResult"/ -/result-types - + result-types +result-type name="tiles" class="org.apache.struts2.views.tiles.TilesResult"/ + /result-types Configure your actions to utilize a tiles definition: -action name="sample" class="org.apache.struts2.tiles.example.SampleAction" - result name="success" type="tiles"tilesWorks/result -/action - + action name="sample" class="org.apache.struts2.tiles.example.SampleAction" +result name="success" type="tiles"tilesWorks/result + /action Instead of xml configuration you can use annotations -@Result(name = "success", type="tiles") -@TilesDefinition(extend = "fooLayout", putAttributes = { -@TilesPutAttribute(name = "header", value = "/WEB-INF/tiles/header.jsp"), -@TilesPutAttribute(name = "body", value = "/WEB-INF/tiles/body.ftl") -}) -public class FooAction extends ActionSupport { + @Result(name = "success", type="tiles") + @TilesDefinition(extend = "fooLayout", putAttributes = { + @TilesPutAttribute(name = "header", value = "/WEB-INF/tiles/header.jsp"), + @TilesPutAttribute(name = "body", value = "/WEB-INF/tiles/body.ftl") + }) + public class FooAction extends ActionSupport { - You have to define Tiles Definitons in a tiles.xml file. That can be placed in resources or in WEB-INF. + You have to define Tiles Definitions in a tiles.xml file. That can be placed in resources or in WEB-INF. -!DOCTYPE tiles-definitions PUBLIC -"-//Apache Software Foundation//DTD Tiles Configuration 3.0//EN" -"http://tiles.apache.org/dtds/tiles-config_3_0.dtd"; - -tiles-definitions - -definition name="fooLayout"
(struts-site) branch asf-staging updated: Updates stage by Jenkins
This is an automated email from the ASF dual-hosted git repository. git-site-role pushed a commit to branch asf-staging in repository https://gitbox.apache.org/repos/asf/struts-site.git The following commit(s) were added to refs/heads/asf-staging by this push: new d9cd5e9de Updates stage by Jenkins d9cd5e9de is described below commit d9cd5e9ded39663f9d1b5b4c03b6c6640ab29030 Author: jenkins AuthorDate: Fri Feb 2 06:29:54 2024 + Updates stage by Jenkins
(struts-site) branch asf-staging updated: Updates stage by Jenkins
This is an automated email from the ASF dual-hosted git repository. git-site-role pushed a commit to branch asf-staging in repository https://gitbox.apache.org/repos/asf/struts-site.git The following commit(s) were added to refs/heads/asf-staging by this push: new 3aec2dea4 Updates stage by Jenkins 3aec2dea4 is described below commit 3aec2dea433007894c5ecaec2df9fa622613159f Author: jenkins AuthorDate: Thu Feb 1 16:53:16 2024 + Updates stage by Jenkins --- content/getting-started/processing-forms.html | 13 +++-- content/security/index.html | 25 + 2 files changed, 20 insertions(+), 18 deletions(-) diff --git a/content/getting-started/processing-forms.html b/content/getting-started/processing-forms.html index 8569a2b6c..51e121188 100644 --- a/content/getting-started/processing-forms.html +++ b/content/getting-started/processing-forms.html @@ -345,12 +345,13 @@ the String constant SUCCESS -The personBean object of type Person declared in the Register Action class matches the personBean name we used in -the form’s textfields. When the form is submitted, the Struts 2 framework will inspect the Action class and look for -an object named personBean. It will create that object using the Person class’s default constructor. Then for each -form field that has a name value of personBean.someAttribute (e.g personBean.firstName) it will call the personBean’s -public set method for that attribute and pass it the form field’s value (the user input). This all happens before -the execute method occurs. +The personBean getter of return type Person declared in the Register Action class matches the personBean name we +used in the form’s textfields. When the form is submitted, the Struts 2 framework will inspect the Action class and look +for a getter for personBean. If it returns null and a matching setter exists, it will create that object using the +Person class’s default constructor and set it using the setter. Note that the setter can be omitted if your Action +initialises the field on construction. Then for each form field that has a name value of personBean.someAttribute +(e.g personBean.firstName) it will call the personBean’s public set method for that attribute and pass it the form +field’s value (the user input). This all happens before the execute method occurs. When Struts 2 runs the execute method of class Register, the personBean object in class Register now has values for its instance fields that are equal to the values the user entered into the corresponding form fields. diff --git a/content/security/index.html b/content/security/index.html index df53870e4..a3c6bb9b2 100644 --- a/content/security/index.html +++ b/content/security/index.html @@ -341,7 +341,7 @@ annotate should only ever return a DTO or a collection/hierarchy of DTOs. Do NOT references with your parameter injection methods and DTOs. Additionally, any database DTOs should be entirely separate from request parameter/form DTOs. -Do NOT under any circumstance, annotate a method that returns one of the following unsafe objects: +Do NOT, under any circumstance, annotate a method that returns one of the following unsafe objects: live Hibernate persistent objects container or Spring-managed beans, or any other live components/services @@ -363,7 +363,7 @@ as possible. Note: Only relevant if you are not using struts.parameters.requireAnnotations=true as per the previous section. -You should carefully design your actions without exposing anything via setters and getters, thus can leads to potential +You should carefully design your actions without exposing anything via setters and getters, this can lead to potential security vulnerabilities. Any action’s setter can be used to set incoming untrusted user’s value which can contain suspicious expression. Some Struts Results automatically populate params based on values in ValueStack (action in most cases is the root) which means incoming value will be evaluated as an expression during @@ -556,12 +556,14 @@ to the ActionContext from OGNL expressions entirely. Note that before disabling access to the ActionContext from OGNL expressions, you should ensure that your application does not rely on this capability. OGNL expressions may access the context directly using the # operator, or indirectly -using the OgnlValueStack’s fallback to context lookup capability. As of Struts 6.4.0, the Set and Action Struts -components require ActionContext access from OGNL expressions. +using the OgnlValueStack’s fallback to context lookup capability. As of Struts 6.4.0, the Set, Iterator and Action +Struts components require ActionContext access from OGNL expressions. To disable access to the ActionContext from OGNL expressions, set the following constants in your struts.xml or -struts.properties file. Please also refer to the documentation below for further details on these
(struts-site) branch asf-staging updated: Updates stage by Jenkins
This is an automated email from the ASF dual-hosted git repository. git-site-role pushed a commit to branch asf-staging in repository https://gitbox.apache.org/repos/asf/struts-site.git The following commit(s) were added to refs/heads/asf-staging by this push: new 7df010d27 Updates stage by Jenkins 7df010d27 is described below commit 7df010d27df8fb06ebcdf5cb85b359802131a82c Author: jenkins AuthorDate: Thu Feb 1 16:52:35 2024 + Updates stage by Jenkins --- content/getting-started/processing-forms.html | 12 ++-- 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/content/getting-started/processing-forms.html b/content/getting-started/processing-forms.html index d572d5194..8569a2b6c 100644 --- a/content/getting-started/processing-forms.html +++ b/content/getting-started/processing-forms.html @@ -329,12 +329,12 @@ the Struts 2 framework. We need an Action class to process this form. If you rec In the Register class, note that we’ve declared an attribute named personBean of type Person, there are public getter and setter methods for this object, and the getter is annotated with @StrutsParameter(depth = 1). -In the previous Coding Struts 2 Actions tutorial, we annotated the username setter, -which took a simple String as its parameter type, with @StrutsParameter. In this example, we are using a “Bean” -object (sometimes referred to as a DTO or model object) to encapsulate the form data. When we choose to use a DTO -instead of a primitive, String, or other TypeConverter supported object, we must annotate the getter -method instead, and also assign a depth corresponding to how deep the DTO graph is. In this case, the Person object -does not have any further DTOs or collections within it, so a depth of 1 will suffice. +In the previous Coding Struts 2 Actions tutorial, we annotated the username setter, which took a +simple String as its parameter type, with @StrutsParameter. In this example, we are using a “Bean” object (sometimes +referred to as a DTO or model object) to encapsulate the form data. When we choose to use a DTO instead of a primitive, +String, or other TypeConverter supported object, we must annotate the getter method instead, and also assign a depth +corresponding to how deep the DTO graph is. In this case, the Person object does not have any further DTOs or +collections within it, so a depth of 1 will suffice. For more information on these annotations and their security implications, please refer to Security.
(struts-site) branch asf-staging updated: Updates stage by Jenkins
This is an automated email from the ASF dual-hosted git repository. git-site-role pushed a commit to branch asf-staging in repository https://gitbox.apache.org/repos/asf/struts-site.git The following commit(s) were added to refs/heads/asf-staging by this push: new 13a38f001 Updates stage by Jenkins 13a38f001 is described below commit 13a38f001b2f6df7fc275c91ae1f75a10b9ff0dc Author: jenkins AuthorDate: Mon Jan 29 18:17:40 2024 + Updates stage by Jenkins --- content/core-developers/basic-validation.html | 3 + content/core-developers/client-validation.html | 3 + content/core-developers/conversion-validator.html | 3 +- .../core-developers/file-upload-interceptor.html | 3 + content/core-developers/file-upload.html | 9 +++ .../type-conversion-annotation.html| 4 ++ content/core-developers/type-conversion.html | 2 + .../using-non-field-validators.html| 3 + .../using-visitor-field-validator.html | 1 + content/core-developers/validation-annotation.html | 1 + content/core-developers/validation.html| 1 + content/core-developers/wildcard-mappings.html | 2 + content/getting-started/coding-actions.html| 4 +- content/getting-started/processing-forms.html | 19 -- content/plugins/junit/index.html | 1 + .../plugins/portlet/struts-2-portlet-tutorial.html | 10 ++- content/security/index.html| 79 +- 17 files changed, 139 insertions(+), 9 deletions(-) diff --git a/content/core-developers/basic-validation.html b/content/core-developers/basic-validation.html index 8df18d572..1da220948 100644 --- a/content/core-developers/basic-validation.html +++ b/content/core-developers/basic-validation.html @@ -215,6 +215,7 @@ return name; } + @StrutsParameter public void setName(String name) { this.name = name; } @@ -223,6 +224,7 @@ return age; } + @StrutsParameter public void setAge(int age) { this.age = age; } @@ -231,6 +233,7 @@ return answer; } + @StrutsParameter public void setAnswer(String answer) { this.answer = answer; } diff --git a/content/core-developers/client-validation.html b/content/core-developers/client-validation.html index c922bc167..6b770499f 100644 --- a/content/core-developers/client-validation.html +++ b/content/core-developers/client-validation.html @@ -212,6 +212,7 @@ return name; } + @StrutsParameter public void setName(String name) { this.name = name; } @@ -220,6 +221,7 @@ return age; } + @StrutsParameter public void setAge(int age) { this.age = age; } @@ -228,6 +230,7 @@ return answer; } + @StrutsParameter public void setAnswer(String answer) { this.answer = answer; } diff --git a/content/core-developers/conversion-validator.html b/content/core-developers/conversion-validator.html index 2769f41f2..3c07fa73d 100644 --- a/content/core-developers/conversion-validator.html +++ b/content/core-developers/conversion-validator.html @@ -228,7 +228,8 @@ property set to true, it will, meaning the textfield will have ‘one’ as its public Integer getMyIntegerField() { return this.myIntegerField; } - + +@StrutsParameter public void setMyIntegerField(Integer myIntegerField) { this.myIntegerField = myIntegerField; } diff --git a/content/core-developers/file-upload-interceptor.html b/content/core-developers/file-upload-interceptor.html index 514c6ede1..7aa55be6a 100644 --- a/content/core-developers/file-upload-interceptor.html +++ b/content/core-developers/file-upload-interceptor.html @@ -239,14 +239,17 @@ and which are not. private String contentType; private String filename; + @StrutsParameter public void setUpload(File file) { this.file = file; } + @StrutsParameter public void setUploadContentType(String contentType) { this.contentType = contentType; } + @StrutsParameter public void setUploadFileName(String filename) { this.filename = filename; } diff --git a/content/core-developers/file-upload.html b/content/core-developers/file-upload.html index c9d2e8274..124b60edf 100644 --- a/content/core-developers/file-upload.html +++ b/content/core-developers/file-upload.html @@ -264,14 +264,17 @@ class. For a form field named private String contentType; private String filename; +@StrutsParameter public void setUpload(File file) { this.file = file; } +@StrutsParameter public void setUploadContentType(String contentType) {
(struts-site) branch asf-staging updated: Updates stage by Jenkins
This is an automated email from the ASF dual-hosted git repository. git-site-role pushed a commit to branch asf-staging in repository https://gitbox.apache.org/repos/asf/struts-site.git The following commit(s) were added to refs/heads/asf-staging by this push: new 05354faed Updates stage by Jenkins 05354faed is described below commit 05354faed959b86cc25855882675cc0407c589c7 Author: jenkins AuthorDate: Sun Jan 28 09:11:33 2024 + Updates stage by Jenkins
(struts-site) branch asf-staging updated: Updates stage by Jenkins
This is an automated email from the ASF dual-hosted git repository. git-site-role pushed a commit to branch asf-staging in repository https://gitbox.apache.org/repos/asf/struts-site.git The following commit(s) were added to refs/heads/asf-staging by this push: new 054d562a4 Updates stage by Jenkins 054d562a4 is described below commit 054d562a4080791eb9198e29961cb833666dd87c Author: jenkins AuthorDate: Sun Jan 28 09:07:00 2024 + Updates stage by Jenkins --- content/tag-developers/iterator-tag.html | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/content/tag-developers/iterator-tag.html b/content/tag-developers/iterator-tag.html index cba519d83..c9f77f48e 100644 --- a/content/tag-developers/iterator-tag.html +++ b/content/tag-developers/iterator-tag.html @@ -252,9 +252,9 @@ The begin, Values generated by the tag are subject of internal conversion mechanism. It means when generating ordinary numbers and then using them with s:property/, the Integers will be converted to Strings using the current locale. -This can impact how the numbers are presented. To avoid conversion you can use the status object and its countStr -and indexStr which are a String representation of the numbers. The following example demonstrates the case when -using fa_IR locale: +This can impact how the numbers are presented. Since Struts 6.4.0 to avoid conversion you can use the status object +and its countStr and indexStr which are a String representation of the numbers. The following example demonstrates +the case when using fa_IR locale: s:iterator begin="1" end="3" status="status" s:property/
(struts-site) branch asf-staging updated: Updates stage by Jenkins
This is an automated email from the ASF dual-hosted git repository. git-site-role pushed a commit to branch asf-staging in repository https://gitbox.apache.org/repos/asf/struts-site.git The following commit(s) were added to refs/heads/asf-staging by this push: new 18708c8bb Updates stage by Jenkins 18708c8bb is described below commit 18708c8bbedb899db596edb6d22bc64a396a4bbf Author: jenkins AuthorDate: Sun Jan 28 08:56:02 2024 + Updates stage by Jenkins
(struts-site) branch asf-staging updated: Updates stage by Jenkins
This is an automated email from the ASF dual-hosted git repository. git-site-role pushed a commit to branch asf-staging in repository https://gitbox.apache.org/repos/asf/struts-site.git The following commit(s) were added to refs/heads/asf-staging by this push: new 8e3e28cd0 Updates stage by Jenkins 8e3e28cd0 is described below commit 8e3e28cd087b1647dd08eb2599e6fd9271ad76dd Author: jenkins AuthorDate: Sun Jan 28 08:47:41 2024 + Updates stage by Jenkins --- content/tag-developers/iterator-tag.html | 35 +--- 1 file changed, 32 insertions(+), 3 deletions(-) diff --git a/content/tag-developers/iterator-tag.html b/content/tag-developers/iterator-tag.html index b9dbf0de6..cba519d83 100644 --- a/content/tag-developers/iterator-tag.html +++ b/content/tag-developers/iterator-tag.html @@ -150,7 +150,14 @@ << back to Tag Reference -iterator +iterator + + + Description + Attributes + Conversion + Examples + Please make sure you have read the Tag Syntax document and understand how tag attribute syntax works. @@ -241,6 +248,28 @@ The begin, +Conversion + +Values generated by the tag are subject of internal conversion mechanism. It means when generating ordinary numbers +and then using them with s:property/, the Integers will be converted to Strings using the current locale. +This can impact how the numbers are presented. To avoid conversion you can use the status object and its countStr +and indexStr which are a String representation of the numbers. The following example demonstrates the case when +using fa_IR locale: + +s:iterator begin="1" end="3" status="status" +s:property/ +s:textfield id="text_%{#status.countStr}" name="test[%{#status.indexStr}]"/ +/s:iterator + + +۰ +input type="text" name="test[0]" value="" id="text_1" +۱ +input type="text" name="test[1]" value="" id="text_2" +۲ +input type="text" name="test[2]" value="" id="text_3" + + Examples The following example retrieves the value of the getDays() method of the current object on the value stack and uses @@ -251,8 +280,8 @@ it to iterate over. The s /s:iterator -The following example uses a {@link Bean} tag and places it into the ActionContext. The iterator tag will retrieve that -object from the ActionContext and then calls its getDays() method as above. The status attribute is also used +The following example uses a Bean tag and places it into the ActionContext. The iterator tag will retrieve +that object from the ActionContext and then calls its getDays() method as above. The status attribute is also used to create an IteratorStatus object, which in this example, its odd() method is used to alternate row colours: s:bean name="org.apache.struts2.example.IteratorExample" var="it"
(struts-site) branch asf-staging updated: Updates stage by Jenkins
This is an automated email from the ASF dual-hosted git repository. git-site-role pushed a commit to branch asf-staging in repository https://gitbox.apache.org/repos/asf/struts-site.git The following commit(s) were added to refs/heads/asf-staging by this push: new cb6a8c8dd Updates stage by Jenkins cb6a8c8dd is described below commit cb6a8c8ddb2f89c2c927c3a6c8dc1dc411af89f4 Author: jenkins AuthorDate: Sun Jan 28 08:37:39 2024 + Updates stage by Jenkins
(struts-site) branch asf-staging updated: Updates stage by Jenkins
This is an automated email from the ASF dual-hosted git repository. git-site-role pushed a commit to branch asf-staging in repository https://gitbox.apache.org/repos/asf/struts-site.git The following commit(s) were added to refs/heads/asf-staging by this push: new cfa365566 Updates stage by Jenkins cfa365566 is described below commit cfa365566dc50ce230eb32618ff15281c9af3544 Author: jenkins AuthorDate: Wed Jan 17 12:35:32 2024 + Updates stage by Jenkins --- content/core-developers/csp-interceptor.html | 1 + 1 file changed, 1 insertion(+) diff --git a/content/core-developers/csp-interceptor.html b/content/core-developers/csp-interceptor.html index 69a8a4684..2b161917b 100644 --- a/content/core-developers/csp-interceptor.html +++ b/content/core-developers/csp-interceptor.html @@ -179,6 +179,7 @@ header is sent and Content-Se enforcingMode (default false) - When set to “true”, the enforce mode has been enabled, and the provided policy is going to be enforced. reportUri - an uri under, which the violations have to be reported. + prependServletContext (default true) - a flag to prepend or not the Servlet context to the reportUri Report action
(struts-site) branch asf-staging updated: Updates stage by Jenkins
This is an automated email from the ASF dual-hosted git repository. git-site-role pushed a commit to branch asf-staging in repository https://gitbox.apache.org/repos/asf/struts-site.git The following commit(s) were added to refs/heads/asf-staging by this push: new f7ec55ec6 Updates stage by Jenkins f7ec55ec6 is described below commit f7ec55ec6fcf3ccf7177a8dbc643625a40165740 Author: jenkins AuthorDate: Fri Jan 12 12:27:40 2024 + Updates stage by Jenkins
(struts-site) branch asf-staging updated: Updates stage by Jenkins
This is an automated email from the ASF dual-hosted git repository. git-site-role pushed a commit to branch asf-staging in repository https://gitbox.apache.org/repos/asf/struts-site.git The following commit(s) were added to refs/heads/asf-staging by this push: new 98313700b Updates stage by Jenkins 98313700b is described below commit 98313700b6607b623821d845904e105c11eb4ead Author: jenkins AuthorDate: Thu Jan 11 08:18:56 2024 + Updates stage by Jenkins --- content/core-developers/action-file-upload-interceptor.html | 2 +- content/core-developers/file-upload.html| 7 --- 2 files changed, 5 insertions(+), 4 deletions(-) diff --git a/content/core-developers/action-file-upload-interceptor.html b/content/core-developers/action-file-upload-interceptor.html index 1c99c5b98..310dffc9d 100644 --- a/content/core-developers/action-file-upload-interceptor.html +++ b/content/core-developers/action-file-upload-interceptor.html @@ -229,7 +229,7 @@ and which are not. @Override public void withUploadedFiles(ListUploadedFile uploadedFiles) { - if (!uploadedFiles.isEmpty() 0) { + if (!uploadedFiles.isEmpty()) { this.uploadedFile = uploadedFiles.get(0); this.fileName = uploadedFile.getName(); this.contentType = uploadedFile.getContentType(); diff --git a/content/core-developers/file-upload.html b/content/core-developers/file-upload.html index 9438fb836..c9d2e8274 100644 --- a/content/core-developers/file-upload.html +++ b/content/core-developers/file-upload.html @@ -196,8 +196,9 @@ The library is included in a base Struts 2 distribution. Basic Usage The org.apache.struts2.interceptor.FileUploadInterceptor and org.apache.struts2.interceptor.ActionFileUploadInterceptor -classes is included as part of the defaultStack. As long as the required libraries are added to your project you will be able -to take advantage of the Struts 2 file upload capability. Configure an Action mapping for your Action class as you typically would. +interceptors are included as part of the defaultStack and named appropriately: fileUpload and actionFileUpload. +As long as the required libraries are added to your project you will be able to take advantage of the Struts 2 file upload +capability. Configure an Action mapping for your Action class as you typically would. Example action mapping: @@ -232,7 +233,7 @@ information and content of uploaded file. Your action should implement the inter @Override public void withUploadedFiles(ListUploadedFile uploadedFiles) { -if (!uploadedFiles.isEmpty() 0) { +if (!uploadedFiles.isEmpty()) { this.uploadedFile = uploadedFiles.get(0); this.fileName = uploadedFile.getName(); this.contentType = uploadedFile.getContentType();
(struts-site) branch asf-staging updated: Updates stage by Jenkins
This is an automated email from the ASF dual-hosted git repository. git-site-role pushed a commit to branch asf-staging in repository https://gitbox.apache.org/repos/asf/struts-site.git The following commit(s) were added to refs/heads/asf-staging by this push: new 820a53c18 Updates stage by Jenkins 820a53c18 is described below commit 820a53c18ef125364faf11162ab8f995728757c6 Author: jenkins AuthorDate: Wed Jan 10 07:58:30 2024 + Updates stage by Jenkins --- ...or.html => action-file-upload-interceptor.html} | 77 .../core-developers/file-upload-interceptor.html | 6 +- content/core-developers/file-upload.html | 49 +- content/core-developers/interceptors.html | 194 +++-- content/download.html | 2 +- 5 files changed, 182 insertions(+), 146 deletions(-) diff --git a/content/core-developers/file-upload-interceptor.html b/content/core-developers/action-file-upload-interceptor.html similarity index 77% copy from content/core-developers/file-upload-interceptor.html copy to content/core-developers/action-file-upload-interceptor.html index 800fd990d..1c99c5b98 100644 --- a/content/core-developers/file-upload-interceptor.html +++ b/content/core-developers/action-file-upload-interceptor.html @@ -7,7 +7,7 @@ - File Upload Interceptor + Action File Upload Interceptor @@ -146,25 +146,21 @@ -https://github.com/apache/struts-site/edit/master/source/core-developers/file-upload-interceptor.md; title="Edit this page on GitHub">Edit on GitHub +https://github.com/apache/struts-site/edit/master/source/core-developers/action-file-upload-interceptor.md; title="Edit this page on GitHub">Edit on GitHub -<< back to Interceptors +<< back to Interceptors -File Upload Interceptor +Action File Upload Interceptor + + + Available since Struts 6.4.0 as replacement for File Upload Interceptor + See this page for more examples and advanced configuration. Interceptor that is based off of MultiPartRequestWrapper, which is automatically applied for any request that includes -a file. It adds the following parameters, where file name is the name given to the file uploaded by the HTML form: - - - file name: File - the actual File - file nameContentType: String - the content type of the file - file nameFileName: String - the actual name of the file uploaded (not the HTML name) - - -You can get access to these files by merely providing setters in your action that correspond to any of the three patterns -above, such as setDocument(File document), setDocumentContentType(String contentType), etc. +a file. If an action implements org.apache.struts2.action.UploadedFilesAware interface, the interceptor will pass +information and content of uploaded files using the callback method withUploadedFiles(ListUploadedFile). See the example code section. @@ -203,7 +199,7 @@ and which are not. Example action mapping: action name="doUpload" class="com.example.UploadAction" - interceptor-ref name="fileUpload"/ + interceptor-ref name="actionFileUpload"/ interceptor-ref name="basicStack"/ result name="success"good_result.jsp/result /action @@ -225,34 +221,27 @@ and which are not. Example Action class: -package com.example; - -import java.io.File; -import com.opensymphony.xwork2.ActionSupport; - -public UploadAction extends ActionSupport { - private File file; - private String contentType; - private String filename; - - public void setUpload(File file) { - this.file = file; - } - - public void setUploadContentType(String contentType) { - this.contentType = contentType; - } - - public void setUploadFileName(String filename) { - this.filename = filename; - } - - public String execute() { - //... - return SUCCESS; - } - } - +public class UploadAction extends ActionSupport implements UploadedFilesAware { + private UploadedFile uploadedFile; + private String contentType; + private String fileName; + private String originalName; + + @Override + public void withUploadedFiles(ListUploadedFile uploadedFiles) { + if (!uploadedFiles.isEmpty() 0) { + this.uploadedFile = uploadedFiles.get(0); + this.fileName = uploadedFile.getName(); + this.contentType = uploadedFile.getContentType(); + this.originalName = uploadedFile.getOriginalName(); + } + } + + public String execute() { + //do something with the file + return SUCCESS; + } +} Setting parameters example: @@ -264,7 +253,7 @@ and which are not. /interceptor-ref -This part is optional and would be done in place of the interceptor-ref name="fileUpload"/ line in the action mapping +This part is optional and would be done in place of the interceptor-ref name="actionFileUpload"/ line in the
(struts-site) branch asf-staging updated: Updates stage by Jenkins
This is an automated email from the ASF dual-hosted git repository. git-site-role pushed a commit to branch asf-staging in repository https://gitbox.apache.org/repos/asf/struts-site.git The following commit(s) were added to refs/heads/asf-staging by this push: new b7aff854c Updates stage by Jenkins b7aff854c is described below commit b7aff854cd581f42145c8bc918bc9c5283d13429 Author: jenkins AuthorDate: Tue Jan 9 12:17:14 2024 + Updates stage by Jenkins
(struts-site) branch asf-staging updated: Updates stage by Jenkins
This is an automated email from the ASF dual-hosted git repository. git-site-role pushed a commit to branch asf-staging in repository https://gitbox.apache.org/repos/asf/struts-site.git The following commit(s) were added to refs/heads/asf-staging by this push: new a87e86dbd Updates stage by Jenkins a87e86dbd is described below commit a87e86dbd09a1d63a904efe6552e1152fcc5167b Author: jenkins AuthorDate: Wed Jan 3 01:12:43 2024 + Updates stage by Jenkins --- content/security/index.html | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/content/security/index.html b/content/security/index.html index 477442f7b..998d4b1cc 100644 --- a/content/security/index.html +++ b/content/security/index.html @@ -469,7 +469,7 @@ state. Restricting access to the Struts Context (ActionContext) The Struts ActionContext is a core construct of the Struts framework. It is shared and manipulated throughout the -codebase. From the ActionContext, it is possible to access application parameters, the ‘OgnlValueStack’, the current +codebase. From the ActionContext, it is possible to access application parameters, the OgnlValueStack, the current request/response/session, the servlet context, the Guice container, and a number of other objects either directly or indirectly via the directly exposed objects. The Struts ActionContext enables powerful features and functionality, but it also presents a major security risk if not properly secured.
(struts-site) branch asf-staging updated: Updates stage by Jenkins
This is an automated email from the ASF dual-hosted git repository. git-site-role pushed a commit to branch asf-staging in repository https://gitbox.apache.org/repos/asf/struts-site.git The following commit(s) were added to refs/heads/asf-staging by this push: new 2241a52c0 Updates stage by Jenkins 2241a52c0 is described below commit 2241a52c0191763af1fa5d45cd4b83bcba426d9e Author: jenkins AuthorDate: Tue Jan 2 08:49:22 2024 + Updates stage by Jenkins --- content/security/index.html | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/content/security/index.html b/content/security/index.html index 6161c56ea..477442f7b 100644 --- a/content/security/index.html +++ b/content/security/index.html @@ -483,7 +483,9 @@ below) offers much stronger protection. However, for the strongest level of prot to the ActionContext from OGNL expressions entirely. Note that before disabling access to the ActionContext from OGNL expressions, you should ensure that your application -does not rely on this capability. As of Struts 6.4.0, the Set and Action Struts components require this capability. +does not rely on this capability. OGNL expressions may access the context directly using the # operator, or indirectly +using the OgnlValueStack’s fallback to context lookup capability. As of Struts 6.4.0, the Set and Action Struts +components require ActionContext access from OGNL expressions. To disable access to the ActionContext from OGNL expressions, set the following constants in your struts.xml or struts.properties file. Please also refer to the documentation below for further details on these configuration
(struts-site) branch asf-staging updated: Updates stage by Jenkins
This is an automated email from the ASF dual-hosted git repository. git-site-role pushed a commit to branch asf-staging in repository https://gitbox.apache.org/repos/asf/struts-site.git The following commit(s) were added to refs/heads/asf-staging by this push: new 63bc6cd39 Updates stage by Jenkins 63bc6cd39 is described below commit 63bc6cd393982825b24a0fa1903458818b1d87a2 Author: jenkins AuthorDate: Tue Jan 2 08:48:47 2024 + Updates stage by Jenkins --- content/plugins/plugins-architecture.html | 12 + content/security/index.html | 41 --- 2 files changed, 50 insertions(+), 3 deletions(-) diff --git a/content/plugins/plugins-architecture.html b/content/plugins/plugins-architecture.html index 02c10f9de..72b5c3a72 100644 --- a/content/plugins/plugins-architecture.html +++ b/content/plugins/plugins-architecture.html @@ -494,6 +494,18 @@ For example, a plugin could provide a new class to create Action classes or map prototype com.opensymphony.xwork2.ognl.SecurityMemberAccess + + struts.compoundRootAccessor + Define a custom CompoundRootAccessor implementation, used to resolve classes and manipulate the CompoundRoot (since 6.4.0) + singleton + com.opensymphony.xwork2.ognl.accessor.RootAccessor + + + struts.methodAccessor + Define a custom MethodAccessor implementation, used to evaluate OGNL method calls (since 6.4.0) + singleton + ognl.MethodAccessor + diff --git a/content/security/index.html b/content/security/index.html index 8a0841857..6161c56ea 100644 --- a/content/security/index.html +++ b/content/security/index.html @@ -172,6 +172,7 @@ Proactively protecting against OGNL Expression Injections attacks Run OGNL expressions inside sandbox + Restricting access to the Struts Context (ActionContext) Apply a maximum allowed length on OGNL expressions OGNL Member Access Additional Options @@ -465,6 +466,36 @@ state. Note: This feature does not work with JDK 21 and above. +Restricting access to the Struts Context (ActionContext) + +The Struts ActionContext is a core construct of the Struts framework. It is shared and manipulated throughout the +codebase. From the ActionContext, it is possible to access application parameters, the ‘OgnlValueStack’, the current +request/response/session, the servlet context, the Guice container, and a number of other objects either directly or +indirectly via the directly exposed objects. The Struts ActionContext enables powerful features and functionality, but +it also presents a major security risk if not properly secured. + +The Struts ActionContext is accessible to OGNL expressions. In the case of an OGNL expression exploit, usually achieved +through some form of server-side template injection or parameter injection, the ActionContext is a prime gadget for +escalation of the vulnerability, often to remote code execution (RCE). Whilst known harmful capabilities of the +ActionContext items are blocked by the OGNL Member Access policy exclusion list (see below), this is not always +effective due to the myriad of changing objects available on the ActionContext. The new allowlist capability (also see +below) offers much stronger protection. However, for the strongest level of protection, we recommend disabling access +to the ActionContext from OGNL expressions entirely. + +Note that before disabling access to the ActionContext from OGNL expressions, you should ensure that your application +does not rely on this capability. As of Struts 6.4.0, the Set and Action Struts components require this capability. + +To disable access to the ActionContext from OGNL expressions, set the following constants in your struts.xml or +struts.properties file. Please also refer to the documentation below for further details on these configuration +options. + +constant name="struts.ognl.valueStackFallbackToContext" value="false"/ +constant name="struts.ognl.excludedNodeTypes" value=" +ognl.ASTThisVarRef, +ognl.ASTVarRef +"/ + + Apply a maximum allowed length on OGNL expressions You can enable this via Struts configuration key struts.ognl.expressionMaxLength (defaults to 256). OGNL thereupon doesn’t evaluate any @@ -513,6 +544,7 @@ with other known dangerous classes or packages in your application. struts.disallowProxyMemberAccess=true - disallow proxied objects from being used in OGNL expressions as they may present a security risk struts.disallowDefaultPackageAccess=true - disallow access to classes in the default package which should not be used in production struts.ognl.disallowCustomOgnlMap=true - disallow construction of custom OGNL maps which can be used to bypass the SecurityMemberAccess policy + struts.ognl.valueStackFallbackToContext=false - disable fallback to OGNL context lookup if expression does not
(struts-site) branch asf-staging updated: Updates stage by Jenkins
This is an automated email from the ASF dual-hosted git repository. git-site-role pushed a commit to branch asf-staging in repository https://gitbox.apache.org/repos/asf/struts-site.git The following commit(s) were added to refs/heads/asf-staging by this push: new d3345571c Updates stage by Jenkins d3345571c is described below commit d3345571ce55d37b24a0927875b95aef8b53cb33 Author: jenkins AuthorDate: Mon Jan 1 10:51:39 2024 + Updates stage by Jenkins --- content/getting-started/preperable-interface.html | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/content/getting-started/preperable-interface.html b/content/getting-started/preperable-interface.html index ff7b5737d..579dde3b1 100644 --- a/content/getting-started/preperable-interface.html +++ b/content/getting-started/preperable-interface.html @@ -7,7 +7,7 @@ - Preperable Interface + Preparable Interface
(struts-site) branch asf-staging updated: Updates stage by Jenkins
This is an automated email from the ASF dual-hosted git repository. git-site-role pushed a commit to branch asf-staging in repository https://gitbox.apache.org/repos/asf/struts-site.git The following commit(s) were added to refs/heads/asf-staging by this push: new 87ad9ad59 Updates stage by Jenkins 87ad9ad59 is described below commit 87ad9ad598d0826eb1f2bd59712e445cb26edcda Author: jenkins AuthorDate: Mon Jan 1 10:33:27 2024 + Updates stage by Jenkins --- content/getting-started/http-session.html | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/content/getting-started/http-session.html b/content/getting-started/http-session.html index d72c86c8b..e1e17e1a1 100644 --- a/content/getting-started/http-session.html +++ b/content/getting-started/http-session.html @@ -258,8 +258,7 @@ practices in the Action class that implements the SessionAware interface. the parameter name contains “session” we are telling the Struts 2 framework to ignore that parameter. This will prevent a malicious user from trying to hack the HTTP session object. -Instead of having each action that implements SessionAware also implement the ParameterNameAware interface you can tell t -he params interceptor to exclude specific request attributes for all actions in a package. In struts.xml configure +Instead of having each action that implements SessionAware also implement the ParameterNameAware interface you can tell the params interceptor to exclude specific request attributes for all actions in a package. In struts.xml configure the struts-default set of interceptors as follows: struts.xml configure params interceptor
(struts-site) branch asf-staging updated: Updates stage by Jenkins
This is an automated email from the ASF dual-hosted git repository. git-site-role pushed a commit to branch asf-staging in repository https://gitbox.apache.org/repos/asf/struts-site.git The following commit(s) were added to refs/heads/asf-staging by this push: new 825a93a65 Updates stage by Jenkins 825a93a65 is described below commit 825a93a65d8c7e682609e52e60143377e506ac05 Author: jenkins AuthorDate: Mon Jan 1 10:32:48 2024 + Updates stage by Jenkins --- content/getting-started/themes.html | 2 +- content/tag-developers/simple-theme.html | 2 +- content/tag-developers/xhtml-theme.html | 4 ++-- 3 files changed, 4 insertions(+), 4 deletions(-) diff --git a/content/getting-started/themes.html b/content/getting-started/themes.html index 4b7b8d4b7..b7986c0cb 100644 --- a/content/getting-started/themes.html +++ b/content/getting-started/themes.html @@ -200,7 +200,7 @@ to your problem, post a question on the mailing list. Notice how the HTML generated uses table tags to control the layout of the label and select HTML. There is also a class, tdLabel, applied to the table column where the label tag is rendered. Since no theme was specified for the Struts 2 -select tag the default xhmtl theme was used. +select tag the default xhtml theme was used. Specifying The Theme Struts 2 Should Use diff --git a/content/tag-developers/simple-theme.html b/content/tag-developers/simple-theme.html index 75e30fd2d..b94030143 100644 --- a/content/tag-developers/simple-theme.html +++ b/content/tag-developers/simple-theme.html @@ -200,7 +200,7 @@ Ajax/Dojo support so that tags can import Dojo widgets easily. * under the License. */ -- -@s.script src="${base}${parameters.staticContentPath}/utils.js" type="text/javascript" / +@s.script src="${base}${parameters.staticContentPath}/utils.js" / diff --git a/content/tag-developers/xhtml-theme.html b/content/tag-developers/xhtml-theme.html index d492184b3..957f0e661 100644 --- a/content/tag-developers/xhtml-theme.html +++ b/content/tag-developers/xhtml-theme.html @@ -525,7 +525,7 @@ wrapping table, the opening and closing templates also, if the true, enable
(struts-site) branch asf-staging updated: Updates stage by Jenkins
This is an automated email from the ASF dual-hosted git repository. git-site-role pushed a commit to branch asf-staging in repository https://gitbox.apache.org/repos/asf/struts-site.git The following commit(s) were added to refs/heads/asf-staging by this push: new cc1adcd06 Updates stage by Jenkins cc1adcd06 is described below commit cc1adcd0634faee265551f0a9f6d52636d00f284 Author: jenkins AuthorDate: Mon Dec 18 06:21:56 2023 + Updates stage by Jenkins
(struts-site) branch asf-staging updated: Updates stage by Jenkins
This is an automated email from the ASF dual-hosted git repository. git-site-role pushed a commit to branch asf-staging in repository https://gitbox.apache.org/repos/asf/struts-site.git The following commit(s) were added to refs/heads/asf-staging by this push: new aa62a2faf Updates stage by Jenkins aa62a2faf is described below commit aa62a2faf36c6c8c28024213e95b7b1c8946bd56 Author: jenkins AuthorDate: Mon Dec 18 06:19:53 2023 + Updates stage by Jenkins --- content/core-developers/csp-interceptor.html| 11 +++ content/core-developers/interceptors.html | 9 + content/core-developers/struts-default-xml.html | 9 + 3 files changed, 29 insertions(+) diff --git a/content/core-developers/csp-interceptor.html b/content/core-developers/csp-interceptor.html index a2aab06e1..69a8a4684 100644 --- a/content/core-developers/csp-interceptor.html +++ b/content/core-developers/csp-interceptor.html @@ -155,6 +155,7 @@ Description Parameters + Report action Action aware Examples @@ -180,6 +181,16 @@ is going to be enforced. reportUri - an uri under, which the violations have to be reported. +Report action + +To receive reports about violations against CSP an abstract CspReportAction action has been created, which you can +extend to process the reports. When extending the action you must implement processReport(String) to process the report. +Read JavaDoc of the action for more details. + + + Note: the action must always return an HTTP status 204. + + Action aware Since Struts 6.2.0 it is possible to configure the CSP interceptor by providing the an instance of CspSettings interface. diff --git a/content/core-developers/interceptors.html b/content/core-developers/interceptors.html index e6375deda..ccb418e1e 100644 --- a/content/core-developers/interceptors.html +++ b/content/core-developers/interceptors.html @@ -305,6 +305,7 @@ than reiterate the same list of Interceptors, we can bundle these Interceptors t interceptor name="execAndWait" class="org.apache.struts2.interceptor.ExecuteAndWaitInterceptor"/ interceptor name="exception" class="com.opensymphony.xwork2.interceptor.ExceptionMappingInterceptor"/ interceptor name="fileUpload" class="org.apache.struts2.interceptor.FileUploadInterceptor"/ +interceptor name="actionFileUpload" class="org.apache.struts2.interceptor.ActionFileUploadInterceptor"/ interceptor name="i18n" class="org.apache.struts2.interceptor.I18nInterceptor"/ interceptor name="logger" class="com.opensymphony.xwork2.interceptor.LoggingInterceptor"/ interceptor name="modelDriven" class="com.opensymphony.xwork2.interceptor.ModelDrivenInterceptor"/ @@ -368,6 +369,12 @@ than reiterate the same list of Interceptors, we can bundle these Interceptors t interceptor-ref name="basicStack"/ /interceptor-stack +!-- Action based file upload stack -- +interceptor-stack name="actionFileUploadStack" +interceptor-ref name="actionFileUpload"/ +interceptor-ref name="basicStack"/ +/interceptor-stack + !-- Sample model-driven stack -- interceptor-stack name="modelDrivenStack" interceptor-ref name="modelDriven"/ @@ -412,6 +419,7 @@ than reiterate the same list of Interceptors, we can bundle these Interceptors t interceptor-ref name="chain"/ interceptor-ref name="modelDriven"/ interceptor-ref name="fileUpload"/ +interceptor-ref name="actionFileUpload"/ interceptor-ref name="staticParams"/ interceptor-ref name="actionMappingParams"/ interceptor-ref name="params"/ @@ -450,6 +458,7 @@ than reiterate the same list of Interceptors, we can bundle these Interceptors t interceptor-ref name="scopedModelDriven"/ interceptor-ref name="modelDriven"/ interceptor-ref name="fileUpload"/ +interceptor-ref name="actionFileUpload"/ interceptor-ref name="checkbox"/ interceptor-ref name="datetime"/ interceptor-ref name="multiselect"/ diff --git a/content/core-developers/struts-default-xml.html b/content/core-developers/struts-default-xml.html index fa3262ffb..a8b5f127c 100644 --- a/content/core-developers/struts-default-xml.html +++ b/content/core-developers/struts-default-xml.html @@ -221,6 +221,7 @@ setting in default.properties. interceptor name="execAndWait" class="org.apache.struts2.interceptor.ExecuteAndWaitInterceptor"/ interceptor name="exception" class="com.opensymphony.xwork2.interceptor.ExceptionMappingInterceptor"/ interceptor name="fileUpload" class="org.apache.struts2.interceptor.FileUploadInterceptor"/ +interceptor
(struts-site) branch asf-staging updated: Updates stage by Jenkins
This is an automated email from the ASF dual-hosted git repository. git-site-role pushed a commit to branch asf-staging in repository https://gitbox.apache.org/repos/asf/struts-site.git The following commit(s) were added to refs/heads/asf-staging by this push: new be7959f40 Updates stage by Jenkins be7959f40 is described below commit be7959f404b846f71e081a989900b4d10ae9df66 Author: jenkins AuthorDate: Sat Dec 9 06:45:34 2023 + Updates stage by Jenkins --- content/struts25-eol-announcement.html | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/content/struts25-eol-announcement.html b/content/struts25-eol-announcement.html index 569c1d788..3b37ed9da 100644 --- a/content/struts25-eol-announcement.html +++ b/content/struts25-eol-announcement.html @@ -199,7 +199,7 @@ it on your own. I’m using Apache Struts 6.x.x, what will happen with this version? Struts 6.x.x is still actively supported, we are working on new versions as well as we are preparing -a new Struts 7.x.x version. Migration from Struts 2.5.x to Struts 6.x.x will a way smoother than switching from +a new Struts 7.x.x version. Migration from Struts 2.5.x to Struts 6.x.x will be smoother than switching from Struts 2.5.x to Struts 7.x.x.
(struts-site) branch asf-staging updated: Updates stage by Jenkins
This is an automated email from the ASF dual-hosted git repository. git-site-role pushed a commit to branch asf-staging in repository https://gitbox.apache.org/repos/asf/struts-site.git The following commit(s) were added to refs/heads/asf-staging by this push: new ed454fdb2 Updates stage by Jenkins ed454fdb2 is described below commit ed454fdb258c564e5e82573c6be870490b4ee595 Author: jenkins AuthorDate: Thu Dec 7 07:00:15 2023 + Updates stage by Jenkins
(struts-site) branch asf-staging updated: Updates stage by Jenkins
This is an automated email from the ASF dual-hosted git repository. git-site-role pushed a commit to branch asf-staging in repository https://gitbox.apache.org/repos/asf/struts-site.git The following commit(s) were added to refs/heads/asf-staging by this push: new c35f5d3df Updates stage by Jenkins c35f5d3df is described below commit c35f5d3dff9d6bba3002b6de4c0d45d9d829 Author: jenkins AuthorDate: Thu Dec 7 06:55:35 2023 + Updates stage by Jenkins --- content/index.html | 14 +++--- 1 file changed, 7 insertions(+), 7 deletions(-) diff --git a/content/index.html b/content/index.html index c609df743..d85a68a98 100644 --- a/content/index.html +++ b/content/index.html @@ -174,12 +174,12 @@ https://cwiki.apache.org/confluence/display/WW/Version+Notes+6.3.0.2;>Version notes -Apache Struts 6.3.0 GA +Apache Struts 6.3.0.1 GA - Apache Struts 6.3.0 GA has been releasedon 13 September 2023. + Apache Struts 6.3.0.1 GA has been releasedon 13 September 2023. Read more in Announcement or in -https://cwiki.apache.org/confluence/display/WW/Version+Notes+6.3.0;>Version notes +https://cwiki.apache.org/confluence/display/WW/Version+Notes+6.3.0.1;>Version notes Apache Struts 2.5.33 GA @@ -192,12 +192,12 @@ -Apache Struts 6.1.2.2 GA +Apache Struts 6.3.0 GA - Apache Struts 6.1.2.2 GA has been releasedon 13 September 2023. + Apache Struts 6.3.0 GA has been releasedon 4 September 2023. -Read more in Announcement or in -https://cwiki.apache.org/confluence/display/WW/Version+Notes+6.1.2.2;>Version notes +Read more in Announcement or in +https://cwiki.apache.org/confluence/display/WW/Version+Notes+6.3.0;>Version notes Google's Patch Reward program
(struts-site) branch asf-staging updated: Updates stage by Jenkins
This is an automated email from the ASF dual-hosted git repository. git-site-role pushed a commit to branch asf-staging in repository https://gitbox.apache.org/repos/asf/struts-site.git The following commit(s) were added to refs/heads/asf-staging by this push: new 44ef777ee Updates stage by Jenkins 44ef777ee is described below commit 44ef777ee5c442c4021cd994a20019e2fce3b2d3 Author: jenkins AuthorDate: Thu Dec 7 06:48:16 2023 + Updates stage by Jenkins --- content/announce-2023.html | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/content/announce-2023.html b/content/announce-2023.html index 9e8dcd6a1..5b72ac13f 100644 --- a/content/announce-2023.html +++ b/content/announce-2023.html @@ -151,7 +151,7 @@ Announcements 2023 - 7 December 2023 - Apache Struts version 6.3.0.2 General Availability + 7 December 2023 - Apache Struts version 6.3.0.2 General Availability 7 December 2023 - Apache Struts version 2.5.33 General Availability 30 October 2023 - Apache Struts 2.5.x End-Of-Life (EOL) Announcement 13 September 2023 - Apache Struts version 6.3.0.1 General Availability @@ -168,7 +168,7 @@ Skip to: Announcements - 2022 -7 December 2023 - Apache Struts version 6.3.0.2 General Availability +7 December 2023 - Apache Struts version 6.3.0.2 General Availability The Apache Struts group is pleased to announce that Apache Struts version 6.3.0.2 is available as a “General Availability” release. The GA designation is our highest quality grade.
(struts-site) branch asf-staging updated: Updates stage by Jenkins
This is an automated email from the ASF dual-hosted git repository. git-site-role pushed a commit to branch asf-staging in repository https://gitbox.apache.org/repos/asf/struts-site.git The following commit(s) were added to refs/heads/asf-staging by this push: new 02fd62834 Updates stage by Jenkins 02fd62834 is described below commit 02fd628348c5d1a590170739fbb629b6e8775b0c Author: jenkins AuthorDate: Thu Dec 7 06:31:01 2023 + Updates stage by Jenkins --- content/announce-2023.html | 58 content/download.html | 84 +++--- content/index.html | 22 ++-- content/releases.html | 2 +- 4 files changed, 112 insertions(+), 54 deletions(-) diff --git a/content/announce-2023.html b/content/announce-2023.html index ea9092138..9e8dcd6a1 100644 --- a/content/announce-2023.html +++ b/content/announce-2023.html @@ -151,6 +151,8 @@ Announcements 2023 + 7 December 2023 - Apache Struts version 6.3.0.2 General Availability + 7 December 2023 - Apache Struts version 2.5.33 General Availability 30 October 2023 - Apache Struts 2.5.x End-Of-Life (EOL) Announcement 13 September 2023 - Apache Struts version 6.3.0.1 General Availability 13 September 2023 - Apache Struts version 6.1.2.2 General Availability @@ -166,6 +168,62 @@ Skip to: Announcements - 2022 +7 December 2023 - Apache Struts version 6.3.0.2 General Availability + +The Apache Struts group is pleased to announce that Apache Struts version 6.3.0.2 is available as a “General Availability” +release. The GA designation is our highest quality grade. + +The Apache Struts is an elegant, extensible framework for creating enterprise-ready Java web applications. +The framework has been designed to streamline the full development cycle, from building, to deploying, +to maintaining applications over time. + +This version addresses a potential security vulnerability identified as CVE-2023-50164 and described +in https://cwiki.apache.org/confluence/display/WW/S2-066;>S2-066 - please read the mentioned security bulletins for more details. +This is a drop-in replacement and upgrade should be straightforward. + + + Please read the https://cwiki.apache.org/confluence/display/WW/Version+Notes+6.3.0.2;>Version Notes to find more details about performed +bug fixes and improvements. + + +All developers are strongly advised to perform this upgrade. + +The 6.x series of the Apache Struts framework has a minimum requirement of the following specification versions: +Servlet API 3.1, JSP API 2.1, and Java 8. + +Should any issues arise with your use of any version of the Struts framework, please post your comments to the user list, +and, if appropriate, file https://issues.apache.org/jira/projects/WW/;>a tracking ticket. + +You can download this version from our download page. + +7 December 2023 - Apache Struts version 2.5.33 General Availability + +The Apache Struts group is pleased to announce that Apache Struts version 2.5.33 is available as a “General Availability” +release. The GA designation is our highest quality grade. + +The Apache Struts is an elegant, extensible framework for creating enterprise-ready Java web applications. +The framework has been designed to streamline the full development cycle, from building, to deploying, +to maintaining applications over time. + +This version addresses a potential security vulnerability identified as CVE-2023-50164 and described +in https://cwiki.apache.org/confluence/display/WW/S2-066;>S2-066 - please read the mentioned security bulletins for more details. +This is a drop-in replacement and upgrade should be straightforward. + + + Please read the https://cwiki.apache.org/confluence/display/WW/Version+Notes+2.5.33;>Version Notes to find more details about performed +bug fixes and improvements. + + +All developers are strongly advised to perform this upgrade. + +The 6.x series of the Apache Struts framework has a minimum requirement of the following specification versions: +Servlet API 3.1, JSP API 2.1, and Java 8. + +Should any issues arise with your use of any version of the Struts framework, please post your comments to the user list, +and, if appropriate, file https://issues.apache.org/jira/projects/WW/;>a tracking ticket. + +You can download this version from our download page. + 30 October 2023 - Apache Struts 2.5.x End-Of-Life (EOL) Announcement The Apache Struts Project Team would like to inform you that the Struts 2.5.x web framework will reach diff --git a/content/download.html b/content/download.html index 4b434005a..917d303b6 100644 --- a/content/download.html +++ b/content/download.html @@ -203,26 +203,26 @@ Full Releases -Struts 6.3.0.1 +Struts 6.3.0.2 - The https://struts.apache.org/;>Apache Struts 6.3.0.1 is an elegant, extensible + The https://struts.apache.org/;>Apache Struts 6.3.0.2 is an elegant, extensible framework for creating
(struts-site) branch asf-staging updated: Updates stage by Jenkins
This is an automated email from the ASF dual-hosted git repository. git-site-role pushed a commit to branch asf-staging in repository https://gitbox.apache.org/repos/asf/struts-site.git The following commit(s) were added to refs/heads/asf-staging by this push: new cce3fc181 Updates stage by Jenkins cce3fc181 is described below commit cce3fc181ca006c50c46fcdc3eb7364a96295609 Author: jenkins AuthorDate: Thu Dec 7 06:18:54 2023 + Updates stage by Jenkins
(struts-site) branch asf-staging updated: Updates stage by Jenkins
This is an automated email from the ASF dual-hosted git repository. git-site-role pushed a commit to branch asf-staging in repository https://gitbox.apache.org/repos/asf/struts-site.git The following commit(s) were added to refs/heads/asf-staging by this push: new 67fb29a28 Updates stage by Jenkins 67fb29a28 is described below commit 67fb29a28b65875b6e8ca1473983ac28740ee353 Author: jenkins AuthorDate: Tue Dec 5 17:36:45 2023 + Updates stage by Jenkins
(struts-site) branch asf-staging updated: Updates stage by Jenkins
This is an automated email from the ASF dual-hosted git repository. git-site-role pushed a commit to branch asf-staging in repository https://gitbox.apache.org/repos/asf/struts-site.git The following commit(s) were added to refs/heads/asf-staging by this push: new 5f50f08aa Updates stage by Jenkins 5f50f08aa is described below commit 5f50f08aa003317a19cb2083b599210e38833c86 Author: jenkins AuthorDate: Tue Dec 5 06:48:39 2023 + Updates stage by Jenkins
(struts-site) branch asf-staging updated: Updates stage by Jenkins
This is an automated email from the ASF dual-hosted git repository. git-site-role pushed a commit to branch asf-staging in repository https://gitbox.apache.org/repos/asf/struts-site.git The following commit(s) were added to refs/heads/asf-staging by this push: new 314988588 Updates stage by Jenkins 314988588 is described below commit 3149885887ed2daa328070263a5708b96b3c8146 Author: jenkins AuthorDate: Tue Dec 5 06:40:52 2023 + Updates stage by Jenkins --- content/security/index.html | 14 -- 1 file changed, 12 insertions(+), 2 deletions(-) diff --git a/content/security/index.html b/content/security/index.html index 53c99d166..8a0841857 100644 --- a/content/security/index.html +++ b/content/security/index.html @@ -174,6 +174,7 @@ Run OGNL expressions inside sandbox Apply a maximum allowed length on OGNL expressions OGNL Member Access + Additional Options Allowlist Capability Extensibility @@ -492,8 +493,6 @@ package name patterns. An exact exemption must exist for each exclusion match (t The defaults are defined https://github.com/apache/struts/blob/master/core/src/main/resources/struts-excluded-classes.xml;>here. -Additionally, static methods are blocked, and static fields can also be blocked with ‘struts.allowStaticFieldAccess’. - Any expression or target which does not pass this criteria will be blocked, and you will see a warning in the logs: [WARNING] Target class [class example.MyBean] or declaring class of member type [public example.MyBean()] are excluded! @@ -505,6 +504,17 @@ of such expression is java.la It is possible to redefine the above constants in struts.xml, but avoid reducing the list, instead extending the list with other known dangerous classes or packages in your application. +Additional Options + +We additionally recommend enabling the following options and hope to enable them by default in a future major version. + + + struts.ognl.allowStaticFieldAccess=false - static methods are always blocked, but static fields can also optionally be blocked + struts.disallowProxyMemberAccess=true - disallow proxied objects from being used in OGNL expressions as they may present a security risk + struts.disallowDefaultPackageAccess=true - disallow access to classes in the default package which should not be used in production + struts.ognl.disallowCustomOgnlMap=true - disallow construction of custom OGNL maps which can be used to bypass the SecurityMemberAccess policy + + Allowlist Capability
(struts-site) branch asf-staging updated: Updates stage by Jenkins
This is an automated email from the ASF dual-hosted git repository. git-site-role pushed a commit to branch asf-staging in repository https://gitbox.apache.org/repos/asf/struts-site.git The following commit(s) were added to refs/heads/asf-staging by this push: new eb89b6182 Updates stage by Jenkins eb89b6182 is described below commit eb89b61829485eb9001fca3b310b3a8566fccf2b Author: jenkins AuthorDate: Tue Dec 5 06:03:05 2023 + Updates stage by Jenkins --- content/core-developers/interceptors.html | 2 - content/core-developers/struts-default-xml.html | 2 - content/plugins/plugins-architecture.html | 14 +- content/security/index.html | 249 4 files changed, 184 insertions(+), 83 deletions(-) diff --git a/content/core-developers/interceptors.html b/content/core-developers/interceptors.html index 11506002a..e6375deda 100644 --- a/content/core-developers/interceptors.html +++ b/content/core-developers/interceptors.html @@ -291,8 +291,6 @@ than reiterate the same list of Interceptors, we can bundle these Interceptors t interceptors interceptor name="alias" class="com.opensymphony.xwork2.interceptor.AliasInterceptor"/ -interceptor name="autowiring" - class="com.opensymphony.xwork2.spring.interceptor.ActionAutowiringInterceptor"/ interceptor name="chain" class="com.opensymphony.xwork2.interceptor.ChainingInterceptor"/ interceptor name="coep" class="org.apache.struts2.interceptor.CoepInterceptor"/ interceptor name="conversionError" diff --git a/content/core-developers/struts-default-xml.html b/content/core-developers/struts-default-xml.html index e6082f9a6..fa3262ffb 100644 --- a/content/core-developers/struts-default-xml.html +++ b/content/core-developers/struts-default-xml.html @@ -207,8 +207,6 @@ setting in default.properties. interceptors interceptor name="alias" class="com.opensymphony.xwork2.interceptor.AliasInterceptor"/ -interceptor name="autowiring" - class="com.opensymphony.xwork2.spring.interceptor.ActionAutowiringInterceptor"/ interceptor name="chain" class="com.opensymphony.xwork2.interceptor.ChainingInterceptor"/ interceptor name="coep" class="org.apache.struts2.interceptor.CoepInterceptor"/ interceptor name="conversionError" diff --git a/content/plugins/plugins-architecture.html b/content/plugins/plugins-architecture.html index 55b99112c..02c10f9de 100644 --- a/content/plugins/plugins-architecture.html +++ b/content/plugins/plugins-architecture.html @@ -480,7 +480,19 @@ For example, a plugin could provide a new class to create Action classes or map struts.date.formatter Allow define a date formatter used by s:date/ tag (since 6.0.0) singleton - org.apache.struts2.components.date.DateFromatter + org.apache.struts2.components.date.DateFormatter + + + struts.ognlGuard + Define a custom OgnlGuard implementation to block raw or compiled OGNL expressions (since 6.4.0) + singleton + org.apache.struts2.ognl.OgnlGuard + + + struts.securityMemberAccess + Define a custom SecurityMemberAccess implementation, used to restrict OGNL evaluations based on classes involved (since 6.4.0) + prototype + com.opensymphony.xwork2.ognl.SecurityMemberAccess diff --git a/content/security/index.html b/content/security/index.html index ec0574a0d..53c99d166 100644 --- a/content/security/index.html +++ b/content/security/index.html @@ -163,22 +163,27 @@ Do not use incoming, untrusted user input in forced expression evaluation Use Struts tags instead of raw EL expressions Define custom error pages - Proactively protect from OGNL Expression Injections attacks if easily applicable - Run OGNL expressions inside sandbox - Apply a maximum allowed length on OGNL expressions - - - - - Internal security mechanism - Accessing static methods - OGNL is used to call action’s methods - Accepted / Excluded patterns + Ambiguous Action Methods + Accepted / Excluded Patterns Strict Method Invocation Resource Isolation Using Fetch Metadata Cross Origin Isolation with COOP and COEP + Proactively protecting against OGNL Expression Injections attacks + Run OGNL expressions inside sandbox + Apply a maximum allowed length on OGNL expressions + OGNL Member Access + Allowlist Capability + Extensibility + + + Struts OGNL Guard + Extensibility + + + + Security tips @@ -326,7 +331,7 @@ Never use a raw ${} EL error pages. This avoids exposing users to XSS attacks as Struts does not escape action’s names in automatically
(struts-site) branch asf-staging updated: Updates stage by Jenkins
This is an automated email from the ASF dual-hosted git repository. git-site-role pushed a commit to branch asf-staging in repository https://gitbox.apache.org/repos/asf/struts-site.git The following commit(s) were added to refs/heads/asf-staging by this push: new fc029c728 Updates stage by Jenkins fc029c728 is described below commit fc029c7281ccab13fbb8afe19115e5025cf33cc5 Author: jenkins AuthorDate: Sun Nov 26 16:28:50 2023 + Updates stage by Jenkins --- content/core-developers/default-properties.html | 7 --- 1 file changed, 7 deletions(-) diff --git a/content/core-developers/default-properties.html b/content/core-developers/default-properties.html index b05405508..82e08be14 100644 --- a/content/core-developers/default-properties.html +++ b/content/core-developers/default-properties.html @@ -382,9 +382,6 @@ struts.mapper.alwaysSelectFullNamespace=false ### Whether to allow static field access in OGNL expressions or not struts.ognl.allowStaticFieldAccess=true -### Whether to allow static method access in OGNL expressions or not -struts.ognl.allowStaticMethodAccess=false - ### Whether to throw a RuntimeException when a property is not found ### in an expression, or when the expression evaluation fails struts.el.throwExceptionOnFailure=false @@ -392,10 +389,6 @@ struts.el.throwExceptionOnFailure=false ### Logs as Warnings properties that are not found (very verbose) struts.ognl.logMissingProperties=false -### Caches parsed OGNL expressions, but can lead to memory leaks -### if the application generates a lot of different expressions -struts.ognl.enableExpressionCache=true - ### Specify the OGNL expression cache factory and BeanInfo cache factory to use. ### Currently, the default implementations are used, but can be replaced with custom ones if desired. # struts.ognl.expressionCacheFactory=customOgnlExpressionCacheFactory
(struts-site) branch asf-staging updated: Updates stage by Jenkins
This is an automated email from the ASF dual-hosted git repository. git-site-role pushed a commit to branch asf-staging in repository https://gitbox.apache.org/repos/asf/struts-site.git The following commit(s) were added to refs/heads/asf-staging by this push: new 0fbf1f546 Updates stage by Jenkins 0fbf1f546 is described below commit 0fbf1f5462faad1c3e47cc645eb67144f6f99bff Author: jenkins AuthorDate: Mon Nov 13 06:54:29 2023 + Updates stage by Jenkins
(struts-site) branch asf-staging updated: Updates stage by Jenkins
This is an automated email from the ASF dual-hosted git repository. git-site-role pushed a commit to branch asf-staging in repository https://gitbox.apache.org/repos/asf/struts-site.git The following commit(s) were added to refs/heads/asf-staging by this push: new 6d6b20ec9 Updates stage by Jenkins 6d6b20ec9 is described below commit 6d6b20ec997ac90642b8ea05f2c29f24a7b69ca3 Author: jenkins AuthorDate: Mon Nov 13 06:51:25 2023 + Updates stage by Jenkins --- content/dev-mail.html | 47 --- 1 file changed, 28 insertions(+), 19 deletions(-) diff --git a/content/dev-mail.html b/content/dev-mail.html index 3f3edd736..c0392f1a4 100644 --- a/content/dev-mail.html +++ b/content/dev-mail.html @@ -157,38 +157,47 @@ improvements and discussion on future Struts are welcome. For questions Please make sure you have read the guidelines on this page + -Name -Subscribe -Unsubscribe -Description + Name + Subscribe + Unsubscribe + Description + + -https://lists.apache.org/list.html?d...@struts.apache.org;>Struts-Dev -mailto:dev-subscr...@struts.apache.org?subject=subscribebody=subscribe;>subscribe -mailto:dev-unsubscr...@struts.apache.org?subject=unsubscribebody=unsubscribe;>unsubscribe -Contact other developers interested in expanding and improving Struts functionality. + https://lists.apache.org/list.html?d...@struts.apache.org;>Struts Devolopers + mailto:dev-subscr...@struts.apache.org?subject=subscribebody=subscribe;>subscribe + mailto:dev-unsubscr...@struts.apache.org?subject=unsubscribebody=unsubscribe;>unsubscribe + Contact other developers interested in expanding and improving Struts functionality. -https://lists.apache.org/list.html?commits@struts.apache.org;>Struts-Commits -mailto:commits-subscr...@struts.apache.org?subject=subscribebody=subscribe;>subscribe -mailto:commits-unsubscr...@struts.apache.org?subject=unsubscribebody=unsubscribe;>unsubscribe -Receive notifications of changes to the Struts source code repository. + https://lists.apache.org/list.html?commits@struts.apache.org;>Struts Commits + mailto:commits-subscr...@struts.apache.org?subject=subscribebody=subscribe;>subscribe + mailto:commits-unsubscr...@struts.apache.org?subject=unsubscribebody=unsubscribe;>unsubscribe + Receive notifications of changes to the Struts source code repository. -https://lists.apache.org/list.html?iss...@struts.apache.org;>Struts-Issues -mailto:issues-subscr...@struts.apache.org?subject=subscribebody=subscribe;>subscribe -mailto:issues-unsubscr...@struts.apache.org?subject=unsubscribebody=unsubscribe;>unsubscribe -Receive notifications from the Struts issue tracker. + https://lists.apache.org/list.html?iss...@struts.apache.org;>Struts Issues + mailto:issues-subscr...@struts.apache.org?subject=subscribebody=subscribe;>subscribe + mailto:issues-unsubscr...@struts.apache.org?subject=unsubscribebody=unsubscribe;>unsubscribe + Receive notifications from the Struts issue tracker. + + https://lists.apache.org/list.html?notificati...@struts.apache.org;>Struts Notifications + mailto:notifications-subscr...@struts.apache.org?subject=subscribebody=subscribe;>subscribe + mailto:notifications-unsubscr...@struts.apache.org?subject=unsubscribebody=unsubscribe;>unsubscribe + Receive notifications from Github PRs comments related to the Struts + + -You can use a web interface as well if you want to post a question https://lists.apache.org/list.html?d...@struts.apache.org;>https://lists.apache.org/ +You can use a web interface as well if you want to post a question https://lists.apache.org/list.html?d...@struts.apache.org;>https://lists.apache.org/ Archives -You can read the http://mail-archives.apache.org/mod_mbox/struts-dev/;>ASF Mail or the -http://markmail.org/list/org.apache.struts.dev/;>Mark Mail archives if you are looking for older discussions. +You can read the http://mail-archives.apache.org/mod_mbox/struts-dev/;>ASF Mail or the http://markmail.org/list/org.apache.struts.dev/;>Mark Mail archives if you are looking for older discussions. There are many other archives out there as well.
(struts-site) branch asf-staging updated: Updates stage by Jenkins
This is an automated email from the ASF dual-hosted git repository. git-site-role pushed a commit to branch asf-staging in repository https://gitbox.apache.org/repos/asf/struts-site.git The following commit(s) were added to refs/heads/asf-staging by this push: new 6ed8343ae Updates stage by Jenkins 6ed8343ae is described below commit 6ed8343ae97ae58aea5d3aa0602feff7e2a8196d Author: jenkins AuthorDate: Wed Nov 1 16:01:13 2023 + Updates stage by Jenkins
(struts-site) branch asf-staging updated: Updates stage by Jenkins
This is an automated email from the ASF dual-hosted git repository. git-site-role pushed a commit to branch asf-staging in repository https://gitbox.apache.org/repos/asf/struts-site.git The following commit(s) were added to refs/heads/asf-staging by this push: new 8796ff459 Updates stage by Jenkins 8796ff459 is described below commit 8796ff459d5ba4487a498689488e16a2f9d9e4a1 Author: jenkins AuthorDate: Wed Nov 1 11:31:44 2023 + Updates stage by Jenkins --- content/commercial-support.html | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/content/commercial-support.html b/content/commercial-support.html index 08b6e17d0..07c1df0d5 100644 --- a/content/commercial-support.html +++ b/content/commercial-support.html @@ -185,7 +185,7 @@ supportive companies, please share details with us. - scope of support: consulting, Java UI development, audit, support + scope of support: consulting, Java UI development, audit
(struts-site) branch asf-staging updated: Updates stage by Jenkins
This is an automated email from the ASF dual-hosted git repository. git-site-role pushed a commit to branch asf-staging in repository https://gitbox.apache.org/repos/asf/struts-site.git The following commit(s) were added to refs/heads/asf-staging by this push: new 357e891d3 Updates stage by Jenkins 357e891d3 is described below commit 357e891d3e64c9a68d26b359e3be206cdfcd8bed Author: jenkins AuthorDate: Wed Nov 1 11:19:32 2023 + Updates stage by Jenkins --- content/commercial-support.html | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/content/commercial-support.html b/content/commercial-support.html index fac1bc5fd..08b6e17d0 100644 --- a/content/commercial-support.html +++ b/content/commercial-support.html @@ -185,7 +185,7 @@ supportive companies, please share details with us. - scope of support: consulting, development, audit, support + scope of support: consulting, Java UI development, audit, support
(struts-site) branch asf-staging updated: Updates stage by Jenkins
This is an automated email from the ASF dual-hosted git repository. git-site-role pushed a commit to branch asf-staging in repository https://gitbox.apache.org/repos/asf/struts-site.git The following commit(s) were added to refs/heads/asf-staging by this push: new eaae00bc1 Updates stage by Jenkins eaae00bc1 is described below commit eaae00bc16a4617e15d96a4708a70719f9f78c14 Author: jenkins AuthorDate: Wed Nov 1 11:10:46 2023 + Updates stage by Jenkins --- content/commercial-support.html | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/content/commercial-support.html b/content/commercial-support.html index d70b58771..fac1bc5fd 100644 --- a/content/commercial-support.html +++ b/content/commercial-support.html @@ -171,7 +171,7 @@ supportive companies, please share details with us. Last updated: 2023-10-31 - https://softwaremill.com/contact/;>Softwaremill + https://softwaremill.com/contact/;>SoftwareMill contact details: @@ -185,7 +185,7 @@ supportive companies, please share details with us. - scope of support: consulting, development, testing, audit + scope of support: consulting, development, audit, support
(struts-site) branch asf-staging updated: Updates stage by Jenkins
This is an automated email from the ASF dual-hosted git repository. git-site-role pushed a commit to branch asf-staging in repository https://gitbox.apache.org/repos/asf/struts-site.git The following commit(s) were added to refs/heads/asf-staging by this push: new 71e1940e0 Updates stage by Jenkins 71e1940e0 is described below commit 71e1940e0f7ced70f634974aadd6f6cf199d87cf Author: jenkins AuthorDate: Tue Oct 31 14:56:58 2023 + Updates stage by Jenkins
(struts-site) branch asf-staging updated: Updates stage by Jenkins
This is an automated email from the ASF dual-hosted git repository. git-site-role pushed a commit to branch asf-staging in repository https://gitbox.apache.org/repos/asf/struts-site.git The following commit(s) were added to refs/heads/asf-staging by this push: new e3b9ba19b Updates stage by Jenkins e3b9ba19b is described below commit e3b9ba19b69bde256602b725eb3411db3a3dd57e Author: jenkins AuthorDate: Tue Oct 31 14:39:31 2023 + Updates stage by Jenkins --- .../core-developers/accessing-application-session-request-objects.html | 2 +- content/tag-developers/access-to-valuestack-from-jsps.html | 2 ++ 2 files changed, 3 insertions(+), 1 deletion(-) diff --git a/content/core-developers/accessing-application-session-request-objects.html b/content/core-developers/accessing-application-session-request-objects.html index 2432982da..e9d8eb350 100644 --- a/content/core-developers/accessing-application-session-request-objects.html +++ b/content/core-developers/accessing-application-session-request-objects.html @@ -227,7 +227,7 @@ doesn’t exist, it will search the #attr is for Page scope attributes first, but will search the remaining scopes, in order, seeking a match. -In opposite using just # means you want to fetch a value from the top of the ValueStack +In opposite using just # means you want to fetch a value from the top of the ValueStack without searching down the stack. diff --git a/content/tag-developers/access-to-valuestack-from-jsps.html b/content/tag-developers/access-to-valuestack-from-jsps.html index 8a9ff199c..f2789e298 100644 --- a/content/tag-developers/access-to-valuestack-from-jsps.html +++ b/content/tag-developers/access-to-valuestack-from-jsps.html @@ -147,6 +147,8 @@ https://github.com/apache/struts-site/edit/master/source/tag-developers/access-to-valuestack-from-jsps.md; title="Edit this page on GitHub">Edit on GitHub +<< back to JSP + Access to ValueStack from JSPs To access the ValueStack from third-party JSP taglibs, expose property values to JSP using the s:set/ tag.
(struts-site) branch asf-staging updated: Updates stage by Jenkins
This is an automated email from the ASF dual-hosted git repository. git-site-role pushed a commit to branch asf-staging in repository https://gitbox.apache.org/repos/asf/struts-site.git The following commit(s) were added to refs/heads/asf-staging by this push: new cf987f212 Updates stage by Jenkins cf987f212 is described below commit cf987f212ef2a295af112d2e67dd948199bf652d Author: jenkins AuthorDate: Tue Oct 31 09:29:30 2023 + Updates stage by Jenkins --- .../accessing-application-session-request-objects.html | 14 -- 1 file changed, 8 insertions(+), 6 deletions(-) diff --git a/content/core-developers/accessing-application-session-request-objects.html b/content/core-developers/accessing-application-session-request-objects.html index c9f60603f..2432982da 100644 --- a/content/core-developers/accessing-application-session-request-objects.html +++ b/content/core-developers/accessing-application-session-request-objects.html @@ -211,23 +211,25 @@ Page attributes are accessed via OGNL using the #application stack value. The #attr stack value will search the javax.servlet.jsp.PageContext for the specified key. If the PageContext -doesn’t exist, it will search the request, session, and application scopes, in that order. +doesn’t exist, it will search the request, session and application scopes, in that order. -Accessing attributes in the Application, Session, Request, or Page scope from a JSP +Accessing attributes in the Application, Session, Request or Page scope from a JSP -pRetrieve the attribute (property), with key myId, from the specified scope:/p +Retrieve the attribute (property), with key myId, from the specified scope: -s:property value="#application.myId" / +s:property value="#application.myId" / s:property value="#session.myId" / s:property value="#request.myId" / s:property value="#attr.myId" / - -pReminder: #attr is for Page scope attributes first, but will search the remaining scopes, in order, seeking a match./p +Note: #attr is for Page scope attributes first, but will search the remaining scopes, in order, seeking a match. +In opposite using just # means you want to fetch a value from the top of the ValueStack +without searching down the stack. +
(struts-site) branch asf-staging updated: Updates stage by Jenkins
This is an automated email from the ASF dual-hosted git repository. git-site-role pushed a commit to branch asf-staging in repository https://gitbox.apache.org/repos/asf/struts-site.git The following commit(s) were added to refs/heads/asf-staging by this push: new 2a4dae6f4 Updates stage by Jenkins 2a4dae6f4 is described below commit 2a4dae6f4ee9c43f3f12a184e1cedbc243a9047e Author: jenkins AuthorDate: Tue Oct 31 09:11:47 2023 + Updates stage by Jenkins
(struts-site) branch asf-staging updated: Updates stage by Jenkins
This is an automated email from the ASF dual-hosted git repository. git-site-role pushed a commit to branch asf-staging in repository https://gitbox.apache.org/repos/asf/struts-site.git The following commit(s) were added to refs/heads/asf-staging by this push: new 37b49bb0c Updates stage by Jenkins 37b49bb0c is described below commit 37b49bb0c7dde5efb8f1722053582074c7914beb Author: jenkins AuthorDate: Sun Oct 29 13:14:51 2023 + Updates stage by Jenkins --- content/tag-developers/include-tag.html | 13 ++--- 1 file changed, 6 insertions(+), 7 deletions(-) diff --git a/content/tag-developers/include-tag.html b/content/tag-developers/include-tag.html index 0cc60c0e3..ed47efebe 100644 --- a/content/tag-developers/include-tag.html +++ b/content/tag-developers/include-tag.html @@ -171,16 +171,15 @@ the s:property/Below it’s an example how you can access parameters passed into the included page: with scope: -s:set var="paramName" scope="page"${param.paramName}/s:set -s:property value="paramName"/ +s:set var="innerName" scope="page"${param.paramName}/s:set +s:property value="#attr.innerName"/ with no scope: -s:set var="paramName"${param.paramName}/s:set -s:property value="paramName"/ - -s:property value="#attr.paramName"/ -s:property value="#paramName"/ +s:set var="innerName"${param.paramName}/s:set +s:property value="innerName"/ +s:property value="#attr.innerName"/ +s:property value="#innerName"/
(struts-site) branch asf-staging updated: Updates stage by Jenkins
This is an automated email from the ASF dual-hosted git repository. git-site-role pushed a commit to branch asf-staging in repository https://gitbox.apache.org/repos/asf/struts-site.git The following commit(s) were added to refs/heads/asf-staging by this push: new e0d5df604 Updates stage by Jenkins e0d5df604 is described below commit e0d5df6041b2bb05acb9fa62c25fd02035c4e1fa Author: jenkins AuthorDate: Sun Oct 29 09:39:36 2023 + Updates stage by Jenkins --- content/tag-developers/include-tag.html | 23 --- 1 file changed, 20 insertions(+), 3 deletions(-) diff --git a/content/tag-developers/include-tag.html b/content/tag-developers/include-tag.html index ebf84c256..0cc60c0e3 100644 --- a/content/tag-developers/include-tag.html +++ b/content/tag-developers/include-tag.html @@ -170,10 +170,19 @@ the s:property/Below it’s an example how you can access parameters passed into the included page: +with scope: s:set var="paramName" scope="page"${param.paramName}/s:set s:property value="paramName"/ +with no scope: +s:set var="paramName"${param.paramName}/s:set +s:property value="paramName"/ + +s:property value="#attr.paramName"/ +s:property value="#paramName"/ + + Note: You can access such params without using JSTL, just use ${param.paramName} notation. @@ -244,12 +253,20 @@ the s:property/Example 4 +accessing passed parameters in the included page + +with scope: s:set var="param1" scope="page"${param.param1}/s:set -Param1 = s:property value="param1"/ -Param2 = ${param.param2} +s:property value="#attr.param1"/ -do access passed parameters in the included page +with no scope: +s:set var="param2"${param.param2}/s:set +s:property value="param2"/ + +s:property value="#attr.param2"/ +s:property value="#param2"/ +
(struts-site) branch asf-staging updated: Updates stage by Jenkins
This is an automated email from the ASF dual-hosted git repository. git-site-role pushed a commit to branch asf-staging in repository https://gitbox.apache.org/repos/asf/struts-site.git The following commit(s) were added to refs/heads/asf-staging by this push: new 4b10c9a53 Updates stage by Jenkins 4b10c9a53 is described below commit 4b10c9a53d990fbd4e573b85d2f04b263e9f2b7a Author: jenkins AuthorDate: Sat Oct 28 15:26:28 2023 + Updates stage by Jenkins --- content/tag-developers/include-tag.html | 15 --- 1 file changed, 12 insertions(+), 3 deletions(-) diff --git a/content/tag-developers/include-tag.html b/content/tag-developers/include-tag.html index b93c3120b..e053ddd60 100644 --- a/content/tag-developers/include-tag.html +++ b/content/tag-developers/include-tag.html @@ -163,11 +163,20 @@ through the s:property... via the HttpServletRequest object or from a JSP page via a scriptlet. -How To access parameters +How to access parameters Parameters are passed as request parameters, so use the ${param.ParamName} notation to access them. Do not use the property tag to access parameters in included files. +Below it’s an example how you can access parameters passed into the included page: + +s:set var="paramName" scope="page"${param.ParamName}/s:set + + + + Note: You can access such params without using JSTL, just use ${param.ParamName} notation in Struts tags. + + Attributes @@ -220,7 +229,7 @@ the property tag to access parameters in included files. /s:include -do an include to myJsp.jsp page with parameters param1=value1 and param2=value2 +do an include to myJsp.jsp page with parameters param1=value1 and param2=value2 Example 3 @@ -230,7 +239,7 @@ the property tag to access parameters in included files. /s:include -do an include to myJsp.jsp page with parameters param1=value1 and param2=value2 +do an include to myJsp.jsp page with parameters param1=value1 and param2=value2
(struts-site) branch asf-staging updated: Updates stage by Jenkins
This is an automated email from the ASF dual-hosted git repository. git-site-role pushed a commit to branch asf-staging in repository https://gitbox.apache.org/repos/asf/struts-site.git The following commit(s) were added to refs/heads/asf-staging by this push: new 96b407c32 Updates stage by Jenkins 96b407c32 is described below commit 96b407c32c4555026d65097d33f99c8bb45c5ed6 Author: jenkins AuthorDate: Sat Oct 28 15:23:23 2023 + Updates stage by Jenkins
[struts-site] branch asf-staging updated: Updates stage by Jenkins
This is an automated email from the ASF dual-hosted git repository. git-site-role pushed a commit to branch asf-staging in repository https://gitbox.apache.org/repos/asf/struts-site.git The following commit(s) were added to refs/heads/asf-staging by this push: new 8585c1b25 Updates stage by Jenkins 8585c1b25 is described below commit 8585c1b2507fdd6abae389e6dd299136c1b9b6f0 Author: jenkins AuthorDate: Tue Oct 24 05:54:18 2023 + Updates stage by Jenkins --- content/struts23-eol-announcement.html | 3 ++- content/struts25-eol-announcement.html | 4 ++-- 2 files changed, 4 insertions(+), 3 deletions(-) diff --git a/content/struts23-eol-announcement.html b/content/struts23-eol-announcement.html index 57d13534b..dd99378d6 100644 --- a/content/struts23-eol-announcement.html +++ b/content/struts23-eol-announcement.html @@ -164,7 +164,8 @@ internal changes to improve overall framework’s security. All resources will stay where they are. The documentation will still be accessible from the Apache Struts homepage, as well as the downloads for all released Struts 2.3.x versions. All of the Struts 2.3.x source code can be found in the Apache Struts Git repository under branch -support/struts-2-3-x, now and in future. All released Maven artifacts will still be accessible in Maven Central. +[support/struts-2-3-x(https://github.com/apache/struts/tree/support/struts-2-3-x), now and in the future. +All released Maven artifacts will still be accessible in Maven Central. Given a major security problem or a serious bug is reported for Struts 2.3.x in near future, can we expect a new release with fixes? diff --git a/content/struts25-eol-announcement.html b/content/struts25-eol-announcement.html index a62daa53f..565c0dce0 100644 --- a/content/struts25-eol-announcement.html +++ b/content/struts25-eol-announcement.html @@ -166,8 +166,8 @@ overall framework’s security. All resources will stay where they are. The documentation will still be accessible from the Apache Struts homepage, as well as the downloads for all released Struts 2.5.x versions. All the Struts 2.5.x source code can be found -in the Apache Struts Git repository under branch support/struts-2-5-x, now and in the future. All released Maven -artifacts will still be accessible in Maven Central. +in the Apache Struts Git repository under branch https://github.com/apache/struts/tree/support/struts-2-5-x;>support/struts-2-5-x, +now and in the future. All released Maven artifacts will still be accessible in Maven Central. Given a major security problem or a serious bug is reported for Struts 2.5.x in near future, can we expect a new release with fixes?
[struts-site] branch asf-staging updated: Updates stage by Jenkins
This is an automated email from the ASF dual-hosted git repository. git-site-role pushed a commit to branch asf-staging in repository https://gitbox.apache.org/repos/asf/struts-site.git The following commit(s) were added to refs/heads/asf-staging by this push: new 85e674f42 Updates stage by Jenkins 85e674f42 is described below commit 85e674f422a5804120df4974601c7df6dbec6cec Author: jenkins AuthorDate: Tue Oct 24 05:29:42 2023 + Updates stage by Jenkins --- content/index.html | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/content/index.html b/content/index.html index d3000bee5..e8edee136 100644 --- a/content/index.html +++ b/content/index.html @@ -207,11 +207,11 @@ -Apache Struts 2.3.x EOL +Apache Struts 2.5.x EOL - The Apache Struts Team informs about discontinuing support for Struts 2.3.x branch, we recommend migration + The Apache Struts Team informs about discontinuing support for Struts 2.5.x branch, we recommend migration to the latest version of Struts, read more in - Announcement + Announcement
[struts-site] branch asf-staging updated: Updates stage by Jenkins
This is an automated email from the ASF dual-hosted git repository. git-site-role pushed a commit to branch asf-staging in repository https://gitbox.apache.org/repos/asf/struts-site.git The following commit(s) were added to refs/heads/asf-staging by this push: new b246a1411 Updates stage by Jenkins b246a1411 is described below commit b246a141169587488053c8aae7570f83fe9890b7 Author: jenkins AuthorDate: Tue Oct 24 05:28:58 2023 + Updates stage by Jenkins --- content/struts23-eol-announcement.html | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/content/struts23-eol-announcement.html b/content/struts23-eol-announcement.html index 1f57f68cc..57d13534b 100644 --- a/content/struts23-eol-announcement.html +++ b/content/struts23-eol-announcement.html @@ -164,7 +164,7 @@ internal changes to improve overall framework’s security. All resources will stay where they are. The documentation will still be accessible from the Apache Struts homepage, as well as the downloads for all released Struts 2.3.x versions. All of the Struts 2.3.x source code can be found in the Apache Struts Git repository under branch -support-2-3, now and in future. All released Maven artifacts will still be accessible in Maven Central. +support/struts-2-3-x, now and in future. All released Maven artifacts will still be accessible in Maven Central. Given a major security problem or a serious bug is reported for Struts 2.3.x in near future, can we expect a new release with fixes?
[struts-site] branch asf-staging updated: Updates stage by Jenkins
This is an automated email from the ASF dual-hosted git repository. git-site-role pushed a commit to branch asf-staging in repository https://gitbox.apache.org/repos/asf/struts-site.git The following commit(s) were added to refs/heads/asf-staging by this push: new 6c167ab08 Updates stage by Jenkins 6c167ab08 is described below commit 6c167ab089e109021e1325106a9594b7545c686f Author: jenkins AuthorDate: Fri Oct 20 10:43:27 2023 + Updates stage by Jenkins --- content/commercial-support.html | 20 ++--- content/core-developers/default-properties.html | 38 + 2 files changed, 21 insertions(+), 37 deletions(-) diff --git a/content/commercial-support.html b/content/commercial-support.html index 991532f07..07dd6fcbf 100644 --- a/content/commercial-support.html +++ b/content/commercial-support.html @@ -158,18 +158,15 @@ ASF support -The Apache Software Foundation doesn’t provide any kind of commercial support you can call for in case of issues -or request changes impacting Apache Struts or applications build based on top of the framework. You can always prepare -a change request and donate your code to the project. This requires fulfilling some requirements, please read -the https://www.apache.org/foundation/how-it-works/legal.html;>Legal page for more details. +Please note that the Apache Software Foundation does not offer commercial support for Apache Struts or related applications. +If you encounter issues or wish to propose changes, you can submit a change request and contribute code to the project. +Ensure you meet the requirements specified https://www.apache.org/foundation/how-it-works/legal.html;>here. List of companies -Below is a list of companies that can provide you with commercial support around Apache Struts and JavaEE application. -Please contact the company directly with your inquiry to get detailed information about how they can help you. - -We do our best to keep this list up to date and if you know any company that offers this kind of support, feel free to contact -us and provide more details. +Explore commercial support options for Apache Struts and JavaEE applications through the following companies. +For detailed assistance, kindly reach out to them directly. Help us keep this list current; if you’re aware of other +supportive companies, please share details with us. Last updated: 2023-10-10 @@ -184,9 +181,8 @@ us and provide more details. How to add a new company -The simplest approach is to create a Pull Request to this page providing all the information. The PR will be reviewed -by one of the committers who can verify that data or ask for more clarification. -You can also send a request to the https://struts.staged.apache.org/mail.html;>User Mailing list with all the data. +Create a Pull Request with the required information. A committer will review it, ensuring accuracy, or seek clarification. +Alternatively, you can submit a request to the https://struts.staged.apache.org/mail.html;>User Mailing list. diff --git a/content/core-developers/default-properties.html b/content/core-developers/default-properties.html index 29b34b4ca..b05405508 100644 --- a/content/core-developers/default-properties.html +++ b/content/core-developers/default-properties.html @@ -401,31 +401,19 @@ struts.ognl.enableExpressionCache=true # struts.ognl.expressionCacheFactory=customOgnlExpressionCacheFactory # struts.ognl.beanInfoCacheFactory=customOgnlBeanInfoCacheFactory -### Specify a limit to the number of entries in the OGNL expressionCache. -### For the standard expressionCache mode, when the limit is exceeded the entire cache's -### content will be cleared (can help prevent memory leaks). -### For expressionCacheLRUMode true, the limit will ensure the cache does not exceed -### that size, dropping the oldest (least-recently-used) expressions to add new ones. -### NOTE: If not set, the default is 25000, which may be excessive. -# struts.ognl.expressionCacheMaxSize=1000 - -### Indicates if the OGNL expressionCache should use LRU mode. -### NOTE: When true, make sure to set the expressionCacheMaxSize to a reasonable value -### for your application. Otherwise the default limit will never (practically) be reached. -# struts.ognl.expressionCacheLRUMode=false - -### Specify a limit to the number of entries in the OGNL beanInfoCache. -### For the standard beanInfoCache mode, when the limit is exceeded the entire cache's -### content will be cleared (can help prevent memory leaks). -### For beanInfoCacheLRUMode true, the limit will ensure the cache does not exceed -### that size, dropping the oldest (least-recently-used) expressions to add new ones. -### NOTE: If not set, the default is 25000, which may be excessive. -# struts.ognl.beanInfoCacheMaxSize=1000 - -### Indicates if the OGNL beanInfoCache should use LRU mode. -### NOTE: When true, make sure to set the beanInfoCacheMaxSize to
[struts-site] branch asf-staging updated: Updates stage by Jenkins
This is an automated email from the ASF dual-hosted git repository. git-site-role pushed a commit to branch asf-staging in repository https://gitbox.apache.org/repos/asf/struts-site.git The following commit(s) were added to refs/heads/asf-staging by this push: new 25d4d53a8 Updates stage by Jenkins 25d4d53a8 is described below commit 25d4d53a8b12caf3adf37719c4fc3a1cf61f814a Author: jenkins AuthorDate: Sun Oct 15 10:14:53 2023 + Updates stage by Jenkins
[struts-site] branch asf-staging updated: Updates stage by Jenkins
This is an automated email from the ASF dual-hosted git repository. git-site-role pushed a commit to branch asf-staging in repository https://gitbox.apache.org/repos/asf/struts-site.git The following commit(s) were added to refs/heads/asf-staging by this push: new 690fbef0f Updates stage by Jenkins 690fbef0f is described below commit 690fbef0f93c118fd6a41c9ed8b0da39a3e2bfd8 Author: jenkins AuthorDate: Fri Oct 13 08:50:56 2023 + Updates stage by Jenkins --- content/commercial-support.html | 7 +++ 1 file changed, 7 insertions(+) diff --git a/content/commercial-support.html b/content/commercial-support.html index 707a06aed..8dfaa2e12 100644 --- a/content/commercial-support.html +++ b/content/commercial-support.html @@ -135,6 +135,7 @@ ASF support List of companies + How to add a new company ASF support @@ -163,6 +164,12 @@ us and provide more details. +How to add a new company + +The simplest approach is to create a Pull Request to this page providing all the information. The PR will be reviewed +by one of the committers who can verify that data or ask for more clarification. +You can also send a request to the https://struts.staged.apache.org/mail.html;>User Mailing list with all the data. +
[struts-site] branch asf-staging updated: Updates stage by Jenkins
This is an automated email from the ASF dual-hosted git repository. git-site-role pushed a commit to branch asf-staging in repository https://gitbox.apache.org/repos/asf/struts-site.git The following commit(s) were added to refs/heads/asf-staging by this push: new d8372a1be Updates stage by Jenkins d8372a1be is described below commit d8372a1be7c7dfc3488eab518f4a6caf963e Author: jenkins AuthorDate: Fri Oct 13 08:42:31 2023 + Updates stage by Jenkins --- content/commercial-support.html | 39 +++ 1 file changed, 11 insertions(+), 28 deletions(-) diff --git a/content/commercial-support.html b/content/commercial-support.html index d039b9ca4..707a06aed 100644 --- a/content/commercial-support.html +++ b/content/commercial-support.html @@ -140,45 +140,28 @@ ASF support The Apache Software Foundation doesn’t provide any kind of commercial support you can call for in case of issues -or requests changes impacting Apache Struts or applications build based on top of the framework. You can always prepare +or request changes impacting Apache Struts or applications build based on top of the framework. You can always prepare a change request and donate your code to the project. This requires fulfilling some requirements, please read the https://www.apache.org/foundation/how-it-works/legal.html;>Legal page for more details. List of companies -Below is a list of companies that can provide you with commercial support around Apache Struts and JavaEE application -built on it. Please contact the company directly with your inquiry to get detailed information about how they can help you. +Below is a list of companies that can provide you with commercial support around Apache Struts and JavaEE application. +Please contact the company directly with your inquiry to get detailed information about how they can help you. We do our best to keep this list up to date and if you know any company that offers this kind of support, feel free to contact us and provide more details. Last updated: 2023-10-10 - - - - Lp - Company name - contact details - scope of support - - - - - - - - - - - - - - - - - - + + [Company name] + + contact details: phone, web page, contact person + scope of support: consulting, development, testing, audit + + +
[struts-site] branch asf-staging updated: Updates stage by Jenkins
This is an automated email from the ASF dual-hosted git repository. git-site-role pushed a commit to branch asf-staging in repository https://gitbox.apache.org/repos/asf/struts-site.git The following commit(s) were added to refs/heads/asf-staging by this push: new 8b2ea998d Updates stage by Jenkins 8b2ea998d is described below commit 8b2ea998db203d6b6e4ed68238cb340259a2c9ca Author: jenkins AuthorDate: Tue Oct 10 13:24:12 2023 + Updates stage by Jenkins --- content/core-developers/static-content.html | 16 ++-- content/core-developers/web-xml.html| 61 + 2 files changed, 48 insertions(+), 29 deletions(-) diff --git a/content/core-developers/static-content.html b/content/core-developers/static-content.html index 90f98e9d5..5d674b17a 100644 --- a/content/core-developers/static-content.html +++ b/content/core-developers/static-content.html @@ -132,21 +132,29 @@ Static Content + Disabling static content Custom Static Content Loaders Default Content Loader Default path Preventing Struts from handling a request -Struts can serve static content like css and javascript files. This feature is enabled by default, but can be disabled -by setting: +Struts can serve a static content like CSS and JavaScript files using a predefined path. By default, these resources +are served using /static path defined using a constant struts.ui.staticContentPath - see below for more details. + +Please remember to include this path in your filter mapping if you use a custom mapping, see web.xml example config. + +Disabling static content + +You can disable this feature by setting the following constant to false. Once disabled you must provided the required +CSS JavaScript files on your own, which can be a good thing when you want to use a CDN. constant name="struts.serve.static" value="false"/ - If you disable this feature, but use the xhtml, or css_xhtml theme, make sure that the javascript and css files -shipped inside the core jar are extracted to your web application directory. + If you disable this feature, but you use the xhtml, or css_xhtml theme, make sure the JavasScript and CSS files +shipped inside the core jar are extracted to your web application directory or served in some other way. Custom Static Content Loaders diff --git a/content/core-developers/web-xml.html b/content/core-developers/web-xml.html index d4ca7fec0..bfaecdcb3 100644 --- a/content/core-developers/web-xml.html +++ b/content/core-developers/web-xml.html @@ -133,8 +133,7 @@ Simple Example - Changed filter package in Struts = 2.5 - Changed Filter Structure in Struts = 2.1.3 + Custom mapping Exclude specific URLs Taglib Example Custom FileManager and FileManagerFactory implementations @@ -174,38 +173,50 @@ should behave. /web-app -Changed filter package in Struts = 2.5 +See SiteMesh Plugin for an example on when to use separate Filters for prepare and execution phase. -As from Struts 2.5 all filters were moved to top package, if you are using older version you must use the old package, -see example: +Custom mapping -web-app id="WebApp_9" version="2.4" - xmlns="http://java.sun.com/xml/ns/j2ee; - xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance; - xsi:schemaLocation="http://java.sun.com/xml/ns/j2ee http://java.sun.com/xml/ns/j2ee/web-app_2_4.xsd; +The above approach is a preferred way of enabling support for Struts in your web application. Yet you can have more +specific requirements and use more specific mapping like presented below: + +web-app ... filter filter-namestruts2/filter-name -filter-classorg.apache.struts2.dispatcher.ng.filter.StrutsPrepareAndExecuteFilter/filter-class +filter-classorg.apache.struts2.dispatcher.filter.StrutsPrepareAndExecuteFilter/filter-class /filter -... + +filter-mapping +filter-namestruts2/filter-name +url-pattern*.action/url-pattern +/filter-mapping + /web-app -Changed Filter Structure in Struts = 2.1.3 +In such case only requests ending with .action will be directed by a Servlet container to be handled by Struts filter. +This can impact serving static content provided by Struts and you will have to define additional mapping to support it: -To split up the the dispatcher phases, FilterDispatcher is deprecated since Struts 2.1.3. If working with older -versions, you need to use +web-app ... -... filter filter-namestruts2/filter-name -filter-classorg.apache.struts2.dispatcher.FilterDispatcher/filter-class -... - +filter-classorg.apache.struts2.dispatcher.filter.StrutsPrepareAndExecuteFilter/filter-class +/filter + +filter-mapping +filter-namestruts2/filter-name +url-pattern*.action/url-pattern +/filter-mapping -See SiteMesh Plugin for an example on when to use separate Filters for prepare -and execution
[struts-site] branch asf-staging updated: Updates stage by Jenkins
This is an automated email from the ASF dual-hosted git repository. git-site-role pushed a commit to branch asf-staging in repository https://gitbox.apache.org/repos/asf/struts-site.git The following commit(s) were added to refs/heads/asf-staging by this push: new 89cab1875 Updates stage by Jenkins 89cab1875 is described below commit 89cab1875c774f58f730fe642c4bfc359a5bcaa8 Author: jenkins AuthorDate: Wed Sep 13 17:59:33 2023 + Updates stage by Jenkins
[struts-site] branch asf-staging updated: Updates stage by Jenkins
This is an automated email from the ASF dual-hosted git repository. git-site-role pushed a commit to branch asf-staging in repository https://gitbox.apache.org/repos/asf/struts-site.git The following commit(s) were added to refs/heads/asf-staging by this push: new bed9ff051 Updates stage by Jenkins bed9ff051 is described below commit bed9ff05108d9b3c3c9a06f6f19e114e9403d5d4 Author: jenkins AuthorDate: Wed Sep 13 17:55:07 2023 + Updates stage by Jenkins --- content/download.html | 2 +- content/releases.html | 15 +++ 2 files changed, 16 insertions(+), 1 deletion(-) diff --git a/content/download.html b/content/download.html index f6b98dbbd..204639e61 100644 --- a/content/download.html +++ b/content/download.html @@ -329,7 +329,7 @@ -Struts 2.5.32 +Struts 2.3.x We stopped serving directly the outdated Struts 2.3.x series, you should immediately upgrade to the latest 2.5.x version or migrate to the latest 6.x.x version. Please check the Prior releases section below, if you are looking for older versions. diff --git a/content/releases.html b/content/releases.html index 49924f545..4c426a9e1 100644 --- a/content/releases.html +++ b/content/releases.html @@ -226,12 +226,25 @@ + + + Struts 6.3.0 + +4 September 2023 + + https://cwiki.apache.org/confluence/display/WW/S2-065;>S2-065 + + + https://cwiki.apache.org/confluence/display/WW/Version+Notes+6.3.0;>Version notes + + Struts 6.2.0 10 July 2023 + https://cwiki.apache.org/confluence/display/WW/S2-065;>S2-065 https://cwiki.apache.org/confluence/display/WW/Version+Notes+6.2.0;>Version notes @@ -243,6 +256,7 @@ 13 June 2023 + https://cwiki.apache.org/confluence/display/WW/S2-065;>S2-065 https://cwiki.apache.org/confluence/display/WW/Version+Notes+6.1.2.1;>Version notes @@ -254,6 +268,7 @@ 13 June 2023 + https://cwiki.apache.org/confluence/display/WW/S2-065;>S2-065 https://cwiki.apache.org/confluence/display/WW/Version+Notes+2.5.31;>Version notes
[struts-site] branch asf-staging updated: Updates stage by Jenkins
This is an automated email from the ASF dual-hosted git repository. git-site-role pushed a commit to branch asf-staging in repository https://gitbox.apache.org/repos/asf/struts-site.git The following commit(s) were added to refs/heads/asf-staging by this push: new 28d205fc1 Updates stage by Jenkins 28d205fc1 is described below commit 28d205fc1ed1b48bdcb811d153f455d476a66b36 Author: jenkins AuthorDate: Wed Sep 13 17:42:53 2023 + Updates stage by Jenkins
[struts-site] branch asf-staging updated: Updates stage by Jenkins
This is an automated email from the ASF dual-hosted git repository. git-site-role pushed a commit to branch asf-staging in repository https://gitbox.apache.org/repos/asf/struts-site.git The following commit(s) were added to refs/heads/asf-staging by this push: new 6622e2a46 Updates stage by Jenkins 6622e2a46 is described below commit 6622e2a4664b2b89d1444f097ef94729c30e91cd Author: jenkins AuthorDate: Wed Sep 13 17:41:14 2023 + Updates stage by Jenkins --- content/download.html | 42 +- 1 file changed, 21 insertions(+), 21 deletions(-) diff --git a/content/download.html b/content/download.html index 9bbc5c6e4..f6b98dbbd 100644 --- a/content/download.html +++ b/content/download.html @@ -260,19 +260,19 @@ -Struts 6.3.0 +Struts 2.5.32 -https://cwiki.apache.org/confluence/display/WW/Version+Notes+6.3.0;>Version Notes +https://cwiki.apache.org/confluence/display/WW/Version+Notes+2.5.32;>Version Notes Full Distribution: -https://archive.apache.org/dist/struts/6.3.0/struts-6.3.0-all.zip;>struts-6.3.0-all.zip (65MB) -[https://archive.apache.org/dist/struts/6.3.0/struts-6.3.0-all.zip.asc;>PGP] -[https://archive.apache.org/dist/struts/6.3.0/struts-6.3.0-all.zip.sha256;>SHA256] +https://archive.apache.org/dist/struts/2.5.32/struts-2.5.32-all.zip;>struts-2.5.32-all.zip (65MB) +[https://archive.apache.org/dist/struts/2.5.32/struts-2.5.32-all.zip.asc;>PGP] +[https://archive.apache.org/dist/struts/2.5.32/struts-2.5.32-all.zip.sha256;>SHA256] @@ -280,9 +280,9 @@ Example Applications: -https://archive.apache.org/dist/struts/6.3.0/struts-6.3.0-apps.zip;>struts-6.3.0-apps.zip (35MB) -[https://archive.apache.org/dist/struts/6.3.0/struts-6.3.0-apps.zip.asc;>PGP] -[https://archive.apache.org/dist/struts/6.3.0/struts-6.3.0-apps.zip.sha256;>SHA256] +https://archive.apache.org/dist/struts/2.5.32/struts-2.5.32-apps.zip;>struts-2.5.32-apps.zip (35MB) +[https://archive.apache.org/dist/struts/2.5.32/struts-2.5.32-apps.zip.asc;>PGP] +[https://archive.apache.org/dist/struts/2.5.32/struts-2.5.32-apps.zip.sha256;>SHA256] @@ -290,9 +290,9 @@ Essential Dependencies Only: -https://archive.apache.org/dist/struts/6.3.0/struts-6.3.0-min-lib.zip;>struts-6.3.0-min-lib.zip (4MB) -[https://archive.apache.org/dist/struts/6.3.0/struts-6.3.0-min-lib.zip.asc;>PGP] -[https://archive.apache.org/dist/struts/6.3.0/struts-6.3.0-min-lib.zip.sha256;>SHA256] +https://archive.apache.org/dist/struts/2.5.32/struts-2.5.32-min-lib.zip;>struts-2.5.32-min-lib.zip (4MB) +[https://archive.apache.org/dist/struts/2.5.32/struts-2.5.32-min-lib.zip.asc;>PGP] +[https://archive.apache.org/dist/struts/2.5.32/struts-2.5.32-min-lib.zip.sha256;>SHA256] @@ -300,9 +300,9 @@ All Dependencies: -https://archive.apache.org/dist/struts/6.3.0/struts-6.3.0-lib.zip;>struts-6.3.0-lib.zip (19MB) -[https://archive.apache.org/dist/struts/6.3.0/struts-6.3.0-lib.zip.asc;>PGP] -[https://archive.apache.org/dist/struts/6.3.0/struts-6.3.0-lib.zip.sha256;>SHA256] +https://archive.apache.org/dist/struts/2.5.32/struts-2.5.32-lib.zip;>struts-2.5.32-lib.zip (19MB) +[https://archive.apache.org/dist/struts/2.5.32/struts-2.5.32-lib.zip.asc;>PGP] +[https://archive.apache.org/dist/struts/2.5.32/struts-2.5.32-lib.zip.sha256;>SHA256] @@ -310,9 +310,9 @@ Documentation: -https://archive.apache.org/dist/struts/6.3.0/struts-6.3.0-docs.zip;>struts-6.3.0-docs.zip (13MB) -[https://archive.apache.org/dist/struts/6.3.0/struts-6.3.0-docs.zip.asc;>PGP] -[https://archive.apache.org/dist/struts/6.3.0/struts-6.3.0-docs.zip.sha256;>SHA256] +https://archive.apache.org/dist/struts/2.5.32/struts-2.5.32-docs.zip;>struts-2.5.32-docs.zip (13MB) +[https://archive.apache.org/dist/struts/2.5.32/struts-2.5.32-docs.zip.asc;>PGP] +[https://archive.apache.org/dist/struts/2.5.32/struts-2.5.32-docs.zip.sha256;>SHA256] @@ -320,16 +320,16 @@ Source: -https://archive.apache.org/dist/struts/6.3.0/struts-6.3.0-src.zip;>struts-6.3.0-src.zip (7MB) -[https://archive.apache.org/dist/struts/6.3.0/struts-6.3.0-src.zip.asc;>PGP] -[https://archive.apache.org/dist/struts/6.3.0/struts-6.3.0-src.zip.sha256;>SHA256] +https://archive.apache.org/dist/struts/2.5.32/struts-2.5.32-src.zip;>struts-2.5.32-src.zip (7MB) +[https://archive.apache.org/dist/struts/2.5.32/struts-2.5.32-src.zip.asc;>PGP] +[https://archive.apache.org/dist/struts/2.5.32/struts-2.5.32-src.zip.sha256;>SHA256] -Struts 6.3.0 +Struts 2.5.32 We stopped serving directly the outdated Struts 2.3.x
[struts-site] branch asf-staging updated: Updates stage by Jenkins
This is an automated email from the ASF dual-hosted git repository. git-site-role pushed a commit to branch asf-staging in repository https://gitbox.apache.org/repos/asf/struts-site.git The following commit(s) were added to refs/heads/asf-staging by this push: new 789083440 Updates stage by Jenkins 789083440 is described below commit 7890834401836223a2953bcca98cb117cb58a382 Author: jenkins AuthorDate: Wed Sep 13 14:48:41 2023 + Updates stage by Jenkins
[struts-site] branch asf-staging updated: Updates stage by Jenkins
This is an automated email from the ASF dual-hosted git repository. git-site-role pushed a commit to branch asf-staging in repository https://gitbox.apache.org/repos/asf/struts-site.git The following commit(s) were added to refs/heads/asf-staging by this push: new 46b965243 Updates stage by Jenkins 46b965243 is described below commit 46b9652436d1dbb7ae6022d5ba45bf0d5bf19bd8 Author: jenkins AuthorDate: Wed Sep 13 14:43:04 2023 + Updates stage by Jenkins --- content/index.html | 10 -- 1 file changed, 8 insertions(+), 2 deletions(-) diff --git a/content/index.html b/content/index.html index dcd022718..894995f5b 100644 --- a/content/index.html +++ b/content/index.html @@ -172,6 +172,14 @@ + +Apache Struts 6.1.2.2 GA + + Apache Struts 6.1.2.2 GA has been releasedon 13 September 2023. + +Read more in Announcement or in +https://cwiki.apache.org/confluence/display/WW/Version+Notes+6.1.2.2;>Version notes + Google's Patch Reward program During http://www.meetup.com/sfhtml5/;>SFHTML5 Google announced that @@ -188,8 +196,6 @@ Announcement - -
[struts-site] branch asf-staging updated: Updates stage by Jenkins
This is an automated email from the ASF dual-hosted git repository. git-site-role pushed a commit to branch asf-staging in repository https://gitbox.apache.org/repos/asf/struts-site.git The following commit(s) were added to refs/heads/asf-staging by this push: new 387a7d217 Updates stage by Jenkins 387a7d217 is described below commit 387a7d217daaeef88d8568f032a2d2464b319cb5 Author: jenkins AuthorDate: Wed Sep 13 14:39:24 2023 + Updates stage by Jenkins --- content/announce-2023.html | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/content/announce-2023.html b/content/announce-2023.html index 4dcfc8897..d5fc8a073 100644 --- a/content/announce-2023.html +++ b/content/announce-2023.html @@ -135,7 +135,7 @@ 13 September 2023 - Apache Struts version 6.3.0.1 General Availability 13 September 2023 - Apache Struts version 6.1.2.2 General Availability 13 September 2023 - Apache Struts version 2.5.32 General Availability - 04 September 2023 - Apache Struts version 6.3.0 General Availability + 04 September 2023 - Apache Struts version 6.3.0 General Availability 10 July 2023 - Apache Struts version 6.2.0 General Availability 13 June 2023 - Apache Struts version 6.1.2.1 General Availability 13 June 2023 - Apache Struts version 2.5.31 General Availability @@ -227,7 +227,7 @@ and, if appropriate, file https://issues.apache.org/jira/projects/WW/;> You can download this version from our download page. -04 September 2023 - Apache Struts version 6.3.0 General Availability +04 September 2023 - Apache Struts version 6.3.0 General Availability The Apache Struts group is pleased to announce that Apache Struts version 6.3.0 is available as a “General Availability” release. The GA designation is our highest quality grade.
[struts-site] branch asf-staging updated: Updates stage by Jenkins
This is an automated email from the ASF dual-hosted git repository. git-site-role pushed a commit to branch asf-staging in repository https://gitbox.apache.org/repos/asf/struts-site.git The following commit(s) were added to refs/heads/asf-staging by this push: new 92ac77bc3 Updates stage by Jenkins 92ac77bc3 is described below commit 92ac77bc3ab30ef6161a1f453abef1eb7af2be91 Author: jenkins AuthorDate: Wed Sep 13 14:36:19 2023 + Updates stage by Jenkins --- content/announce-2023.html | 12 ++-- 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/content/announce-2023.html b/content/announce-2023.html index d31a77256..4dcfc8897 100644 --- a/content/announce-2023.html +++ b/content/announce-2023.html @@ -132,9 +132,9 @@ Announcements 2023 - 13 September 2023 - Apache Struts version 6.3.0.1 General Availability - 13 September 2023 - Apache Struts version 6.1.2.2 General Availability - 13 September 2023 - Apache Struts version 2.5.32 General Availability + 13 September 2023 - Apache Struts version 6.3.0.1 General Availability + 13 September 2023 - Apache Struts version 6.1.2.2 General Availability + 13 September 2023 - Apache Struts version 2.5.32 General Availability 04 September 2023 - Apache Struts version 6.3.0 General Availability 10 July 2023 - Apache Struts version 6.2.0 General Availability 13 June 2023 - Apache Struts version 6.1.2.1 General Availability @@ -146,7 +146,7 @@ Skip to: Announcements - 2022 -13 September 2023 - Apache Struts version 6.3.0.1 General Availability +13 September 2023 - Apache Struts version 6.3.0.1 General Availability The Apache Struts group is pleased to announce that Apache Struts version 6.3.0.1 is available as a “General Availability” release. The GA designation is our highest quality grade. @@ -173,7 +173,7 @@ and, if appropriate, file https://issues.apache.org/jira/projects/WW/;> You can download this version from our download page. -13 September 2023 - Apache Struts version 6.1.2.2 General Availability +13 September 2023 - Apache Struts version 6.1.2.2 General Availability The Apache Struts group is pleased to announce that Apache Struts version 6.1.2.2 is available as a “General Availability” release. The GA designation is our highest quality grade. @@ -200,7 +200,7 @@ and, if appropriate, file https://issues.apache.org/jira/projects/WW/;> You can download this version from our download page. -13 September 2023 - Apache Struts version 2.5.32 General Availability +13 September 2023 - Apache Struts version 2.5.32 General Availability The Apache Struts group is pleased to announce that Apache Struts version 2.5.32 is available as a “General Availability” release. The GA designation is our highest quality grade.
[struts-site] branch asf-staging updated: Updates stage by Jenkins
This is an automated email from the ASF dual-hosted git repository. git-site-role pushed a commit to branch asf-staging in repository https://gitbox.apache.org/repos/asf/struts-site.git The following commit(s) were added to refs/heads/asf-staging by this push: new 5acab0b7a Updates stage by Jenkins 5acab0b7a is described below commit 5acab0b7a878675ea12f062089f8dc108940aaa8 Author: jenkins AuthorDate: Wed Sep 13 14:32:25 2023 + Updates stage by Jenkins --- content/announce-2023.html | 84 content/download.html | 86 +++--- content/index.html | 26 +++--- content/releases.html | 2 +- 4 files changed, 141 insertions(+), 57 deletions(-) diff --git a/content/announce-2023.html b/content/announce-2023.html index 13e8417f8..d31a77256 100644 --- a/content/announce-2023.html +++ b/content/announce-2023.html @@ -132,6 +132,9 @@ Announcements 2023 + 13 September 2023 - Apache Struts version 6.3.0.1 General Availability + 13 September 2023 - Apache Struts version 6.1.2.2 General Availability + 13 September 2023 - Apache Struts version 2.5.32 General Availability 04 September 2023 - Apache Struts version 6.3.0 General Availability 10 July 2023 - Apache Struts version 6.2.0 General Availability 13 June 2023 - Apache Struts version 6.1.2.1 General Availability @@ -143,6 +146,87 @@ Skip to: Announcements - 2022 +13 September 2023 - Apache Struts version 6.3.0.1 General Availability + +The Apache Struts group is pleased to announce that Apache Struts version 6.3.0.1 is available as a “General Availability” +release. The GA designation is our highest quality grade. + +The Apache Struts is an elegant, extensible framework for creating enterprise-ready Java web applications. +The framework has been designed to streamline the full development cycle, from building, to deploying, +to maintaining applications over time. + +This version addresses a potential security vulnerability described in https://cwiki.apache.org/confluence/display/WW/S2-065;>S2-065 - please read the mentioned security bulletins for more details. +This is a drop-in replacement and upgrade should be straightforward. + + + Please read the https://cwiki.apache.org/confluence/display/WW/Version+Notes+6.3.0.1;>Version Notes to find more details about performed +bug fixes and improvements. + + +All developers are strongly advised to perform this upgrade. + +The 6.x series of the Apache Struts framework has a minimum requirement of the following specification versions: +Servlet API 3.1, JSP API 2.1, and Java 8. + +Should any issues arise with your use of any version of the Struts framework, please post your comments to the user list, +and, if appropriate, file https://issues.apache.org/jira/projects/WW/;>a tracking ticket. + +You can download this version from our download page. + +13 September 2023 - Apache Struts version 6.1.2.2 General Availability + +The Apache Struts group is pleased to announce that Apache Struts version 6.1.2.2 is available as a “General Availability” +release. The GA designation is our highest quality grade. + +The Apache Struts is an elegant, extensible framework for creating enterprise-ready Java web applications. +The framework has been designed to streamline the full development cycle, from building, to deploying, +to maintaining applications over time. + +This version addresses a potential security vulnerability described in https://cwiki.apache.org/confluence/display/WW/S2-065;>S2-065 - please read the mentioned security bulletins for more details. +This is a drop-in replacement and upgrade should be straightforward. + + + Please read the https://cwiki.apache.org/confluence/display/WW/Version+Notes+6.1.2.2;>Version Notes to find more details about performed +bug fixes and improvements. + + +All developers are strongly advised to perform this upgrade. + +The 6.x series of the Apache Struts framework has a minimum requirement of the following specification versions: +Servlet API 3.1, JSP API 2.1, and Java 8. + +Should any issues arise with your use of any version of the Struts framework, please post your comments to the user list, +and, if appropriate, file https://issues.apache.org/jira/projects/WW/;>a tracking ticket. + +You can download this version from our download page. + +13 September 2023 - Apache Struts version 2.5.32 General Availability + +The Apache Struts group is pleased to announce that Apache Struts version 2.5.32 is available as a “General Availability” +release. The GA designation is our highest quality grade. + +The Apache Struts is an elegant, extensible framework for creating enterprise-ready Java web applications. +The framework has been designed to streamline the full development cycle, from building, to deploying, +to maintaining applications over time. + +This version addresses a potential security vulnerability
[struts-site] branch asf-staging updated: Updates stage by Jenkins
This is an automated email from the ASF dual-hosted git repository. git-site-role pushed a commit to branch asf-staging in repository https://gitbox.apache.org/repos/asf/struts-site.git The following commit(s) were added to refs/heads/asf-staging by this push: new 091f04c4f Updates stage by Jenkins 091f04c4f is described below commit 091f04c4f1de959a954976306608bb5b5f25f323 Author: jenkins AuthorDate: Tue Sep 5 06:10:18 2023 + Updates stage by Jenkins
[struts-site] branch asf-staging updated: Updates stage by Jenkins
This is an automated email from the ASF dual-hosted git repository. git-site-role pushed a commit to branch asf-staging in repository https://gitbox.apache.org/repos/asf/struts-site.git The following commit(s) were added to refs/heads/asf-staging by this push: new 8ace059ec Updates stage by Jenkins 8ace059ec is described below commit 8ace059ec621bcfa25fbbf2e7abf2bfa5fcd81eb Author: jenkins AuthorDate: Tue Sep 5 06:04:29 2023 + Updates stage by Jenkins --- content/announce-2023.html | 55 -- content/tag-developers/generator-tag.html | 80 - .../tag-developers/inputtransferselect-tag.html| 83 +- 3 files changed, 97 insertions(+), 121 deletions(-) diff --git a/content/announce-2023.html b/content/announce-2023.html index 027d93488..13e8417f8 100644 --- a/content/announce-2023.html +++ b/content/announce-2023.html @@ -160,29 +160,38 @@ See https://issues.apache.org/jira/browse/WW-5233;>WW-5233 for more Below is a full list of all changes: -Bug -WW-5330 - Issue when submitting a form with a textarea containing more than 4000 characters. -WW-5331 - Access to request attributes via tags is broken - -Improvement -WW-5233 - Include Apache Tiles code base in the Tiles plugin -WW-5321 - notify / document about new maxStringLength limitation -WW-5327 - Stop using JavaBeans notation for setters in SecurityMemberAccess MemberAccessValueStack -WW-5332 - Validate excluded package name list for missing commas -WW-5334 - Misc VelocityManager code cleanup -WW-5336 - Merge OgnlTool class into StrutsUtil class -WW-5337 - Improve performance of excluded classes and packages - -Dependency -WW-5315 - Upgrades ASM to version 9.5 -WW-5316 - Upgrades commons-io to version 2.13.0 -WW-5317 - Upgrades log4j-api to version 2.20.0 -WW-5318 - Upgrades slf4j-api to version 2.0.7 -WW-5320 - finish Reproducible Builds -WW-5322 - Upgrade Jackson version to 2.15.2 -WW-5323 - Upgrade JasperReports to version 6.20.5 -WW-5325 - Upgrade commons-lang3 to version 2.13.0 -WW-5329 - Upgrade xstream to version 1.4.20 +Bug + + + WW-5330 - Issue when submitting a form with a textarea containing more than 4000 characters. + WW-5331 - Access to request attributes via tags is broken + + +Improvement + + + WW-5233 - Include Apache Tiles code base in the Tiles plugin + WW-5321 - notify / document about new maxStringLength limitation + WW-5327 - Stop using JavaBeans notation for setters in SecurityMemberAccess MemberAccessValueStack + WW-5332 - Validate excluded package name list for missing commas + WW-5334 - Misc VelocityManager code cleanup + WW-5336 - Merge OgnlTool class into StrutsUtil class + WW-5337 - Improve performance of excluded classes and packages + + +Dependency + + + WW-5315 - Upgrades ASM to version 9.5 + WW-5316 - Upgrades commons-io to version 2.13.0 + WW-5317 - Upgrades log4j-api to version 2.20.0 + WW-5318 - Upgrades slf4j-api to version 2.0.7 + WW-5320 - finish Reproducible Builds + WW-5322 - Upgrade Jackson version to 2.15.2 + WW-5323 - Upgrade JasperReports to version 6.20.5 + WW-5325 - Upgrade commons-lang3 to version 2.13.0 + WW-5329 - Upgrade xstream to version 1.4.20 + Please read the https://cwiki.apache.org/confluence/display/WW/Version+Notes+6.3.0;>Version Notes to find more details about performed diff --git a/content/tag-developers/generator-tag.html b/content/tag-developers/generator-tag.html index 7b32c261b..53330f5c7 100644 --- a/content/tag-developers/generator-tag.html +++ b/content/tag-developers/generator-tag.html @@ -147,22 +147,70 @@ Attributes -?xml version=”1.0” encoding=”utf-8”? -!DOCTYPE html PUBLIC “-//W3C//DTD XHTML 1.0 Strict//EN” - “http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd”; - - -503 backend read error - - -Error 503 backend read error -backend read error -Error 54113 -Details: cache-iad-kcgs7200096-IAD 1693893730 1060536189 - -Varnish cache server - - + + +Dynamic Attributes Allowed: false + + + + + +Name +Required +Default +Evaluated +Type +Description + + +converter +false + +false +org.apache.struts2.util.IteratorGenerator.Converter +The converter to convert the String entry parsed from val into an object + + +count +false + +false +Integer +The max number entries to be in the iterator + + +performClearTagStateForTagPoolingServers +false +false +false +Boolean +Whether to clear all tag state during doEndTag() processing + + +separator +true + +false +String +The separator to be used in separating the val into entries of the iterator + + +val +true + +false +
[struts-site] branch asf-staging updated: Updates stage by Jenkins
This is an automated email from the ASF dual-hosted git repository. git-site-role pushed a commit to branch asf-staging in repository https://gitbox.apache.org/repos/asf/struts-site.git The following commit(s) were added to refs/heads/asf-staging by this push: new 2744ee177 Updates stage by Jenkins 2744ee177 is described below commit 2744ee177ced98fe4dbb72b9b62ec8ab1a252b15 Author: jenkins AuthorDate: Tue Sep 5 06:03:42 2023 + Updates stage by Jenkins --- content/tag-developers/generator-tag.html | 80 + .../tag-developers/inputtransferselect-tag.html| 83 +- 2 files changed, 98 insertions(+), 65 deletions(-) diff --git a/content/tag-developers/generator-tag.html b/content/tag-developers/generator-tag.html index 53330f5c7..7b32c261b 100644 --- a/content/tag-developers/generator-tag.html +++ b/content/tag-developers/generator-tag.html @@ -147,70 +147,22 @@ Attributes - - -Dynamic Attributes Allowed: false - - - - - -Name -Required -Default -Evaluated -Type -Description - - -converter -false - -false -org.apache.struts2.util.IteratorGenerator.Converter -The converter to convert the String entry parsed from val into an object - - -count -false - -false -Integer -The max number entries to be in the iterator - - -performClearTagStateForTagPoolingServers -false -false -false -Boolean -Whether to clear all tag state during doEndTag() processing - - -separator -true - -false -String -The separator to be used in separating the val into entries of the iterator - - -val -true - -false -String -The source to be parsed into an iterator - - -var -false - -false -String -The name to store the resultant iterator into page context, if such name is supplied - - +?xml version=”1.0” encoding=”utf-8”? +!DOCTYPE html PUBLIC “-//W3C//DTD XHTML 1.0 Strict//EN” + “http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd”; + + +503 backend read error + + +Error 503 backend read error +backend read error +Error 54113 +Details: cache-iad-kcgs7200096-IAD 1693893730 1060536189 + +Varnish cache server + + Examples diff --git a/content/tag-developers/inputtransferselect-tag.html b/content/tag-developers/inputtransferselect-tag.html index 309f1ae1d..5cb50dd17 100644 --- a/content/tag-developers/inputtransferselect-tag.html +++ b/content/tag-developers/inputtransferselect-tag.html @@ -147,7 +147,88 @@ tag is being used in a form tag. The generated id and doubleId will be form_id_inputtransferselect_doubleName respectively. -Renders an input form +!DOCTYPE html +!– + +Hello future GitHubber! I bet you’re here to remove those nasty inline styles, +DRY up these templates and make ‘em nice and re-usable, right? + +Please, don’t. https://github.com/styleguide/templates/2.0 + +– + + +Unicorn! GitHub + + body { +background-color: #f1f1f1; +margin: 0; +font-family: "Helvetica Neue", Helvetica, Arial, sans-serif; + } + + .container { margin: 50px auto 40px auto; width: 600px; text-align: center; } + + a { color: #4183c4; text-decoration: none; } + a:hover { text-decoration: underline; } + + h1 { letter-spacing: -1px; line-height: 60px; font-size: 60px; font-weight: 100; margin: 0px; text-shadow: 0 1px 0 #fff; } + p { color: rgba(0, 0, 0, 0.5); margin: 10px 0 10px; font-size: 18px; font-weight: 200; line-height: 1.6em;} + + ul { list-style: none; margin: 25px 0; padding: 0; } + li { display: table-cell; font-weight: bold; width: 1%; } + + .logo { display: inline-block; margin-top: 35px; } + .logo-img-2x { display: none; } + @media + only screen and (-webkit-min-device-pixel-ratio: 2), + only screen and ( min--moz-device-pixel-ratio: 2), + only screen and ( -o-min-device-pixel-ratio: 2/1), + only screen and (min-device-pixel-ratio: 2), + only screen and (min-resolution: 192dpi), + only screen and (min-resolution: 2dppx) { +.logo-img-1x { display: none; } +.logo-img-2x { display: inline-block; } + } + + #suggestions { +margin-top: 35px; +color: #ccc; + } + #suggestions a { +color: #66; +font-weight: 200; +font-size: 14px; +margin: 0 10px; + } + + + + + + + + +https://github.com/contact;>Contact Support +https://www.githubstatus.com;>GitHub Status +https://twitter.com/githubstatus;>@githubstatus +