coveralls edited a comment on pull request #525:
URL: https://github.com/apache/struts/pull/525#issuecomment-1011979047
[](https://coveralls.io/builds/45626139)
Coverage increased (+0.002%) to 50.512% when pulling
**7
yasserzamani commented on a change in pull request #525:
URL: https://github.com/apache/struts/pull/525#discussion_r784835687
##
File path: core/src/test/java/org/apache/struts2/views/jsp/ui/TextfieldTest.java
##
@@ -346,7 +346,7 @@ public void testSimple_recursionTest() throws
coveralls edited a comment on pull request #496:
URL: https://github.com/apache/struts/pull/496#issuecomment-877038063
[](https://coveralls.io/builds/45764576)
Coverage increased (+0.2%) to 47.553% when pulling
**8a46
aleksandr-m commented on pull request #496:
URL: https://github.com/apache/struts/pull/496#issuecomment-1016868300
@yasserzamani Why `dynamicAttributes` type is changed?
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use
yasserzamani commented on pull request #496:
URL: https://github.com/apache/struts/pull/496#issuecomment-1016886548
@aleksandr-m thanks for asking! Now by merging upstream into this branch by
me, a test of TextField has two dynamic parameters set (one added by Lukasz).
Then I saw that test
yasserzamani commented on pull request #496:
URL: https://github.com/apache/struts/pull/496#issuecomment-1016946352
@aleksandr-m LinkedHashMap didn't help either. I just reverted it and
instead I fixed (improved) the corresponding test to be able to verify against
any of multiple possibili
coveralls edited a comment on pull request #496:
URL: https://github.com/apache/struts/pull/496#issuecomment-877038063
[](https://coveralls.io/builds/45770583)
Coverage increased (+0.2%) to 47.553% when pulling
**e783
coveralls edited a comment on pull request #523:
URL: https://github.com/apache/struts/pull/523#issuecomment-1004639681
[](https://coveralls.io/builds/45856772)
Coverage increased (+0.008%) to 50.517% when pulling
**6
lukaszlenart commented on pull request #482:
URL: https://github.com/apache/struts/pull/482#issuecomment-1019453792
Changes have been cherry-picked into #526
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL abo
coveralls commented on pull request #526:
URL: https://github.com/apache/struts/pull/526#issuecomment-1019456567
[](https://coveralls.io/builds/45856902)
Coverage increased (+0.003%) to 50.559% when pulling
**56595356
coveralls commented on pull request #527:
URL: https://github.com/apache/struts/pull/527#issuecomment-1019467667
[](https://coveralls.io/builds/45857194)
Coverage decreased (-0.002%) to 50.553% when pulling
**0a057395
lukaszlenart commented on pull request #523:
URL: https://github.com/apache/struts/pull/523#issuecomment-1019470216
Time to merge :)
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific
lukaszlenart commented on pull request #526:
URL: https://github.com/apache/struts/pull/526#issuecomment-1024941271
LGTM 👍
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
JCgH4164838Gh792C124B5 commented on pull request #528:
URL: https://github.com/apache/struts/pull/528#issuecomment-1025325062
Hello Apache Struts Team.
This PR contains a potential enhancement for the expression and BeanInfo
cache implementation in the 2.6 branch. Others may have ot
coveralls commented on pull request #529:
URL: https://github.com/apache/struts/pull/529#issuecomment-1030815732
[](https://coveralls.io/builds/46265049)
Coverage increased (+0.002%) to 50.563% when pulling
**804e1546
gregh3269 commented on pull request #530:
URL: https://github.com/apache/struts/pull/530#issuecomment-1031579807
think I got this wrong :-(. end("input"); Will try again.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and
coveralls commented on pull request #528:
URL: https://github.com/apache/struts/pull/528#issuecomment-1033414784
[](https://coveralls.io/builds/46363439)
Coverage increased (+0.04%) to 50.603% when pulling
**4d8108e76
coveralls commented on pull request #531:
URL: https://github.com/apache/struts/pull/531#issuecomment-1034029833
[](https://coveralls.io/builds/46385055)
Coverage increased (+0.003%) to 50.565% when pulling
**b1e9eae0
gregh3269 commented on pull request #530:
URL: https://github.com/apache/struts/pull/530#issuecomment-1034617301
OK #531
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To
coveralls edited a comment on pull request #531:
URL: https://github.com/apache/struts/pull/531#issuecomment-1034029833
[](https://coveralls.io/builds/46430911)
Coverage increased (+0.007%) to 50.569% when pulling
**1
JCgH4164838Gh792C124B5 commented on pull request #528:
URL: https://github.com/apache/struts/pull/528#issuecomment-1037479805
Hi @lukaszlenart .
Thanks for the feedback and suggestions.
Moving the existing cache layer into dedicated interfaces/classes is
probably cleaner in th
JCgH4164838Gh792C124B5 commented on a change in pull request #531:
URL: https://github.com/apache/struts/pull/531#discussion_r805209191
##
File path:
plugins/javatemplates/src/main/java/org/apache/struts2/views/java/simple/CheckboxHandler.java
##
@@ -35,29 +36,33 @@ public voi
lukaszlenart commented on a change in pull request #531:
URL: https://github.com/apache/struts/pull/531#discussion_r805302874
##
File path:
plugins/javatemplates/src/main/java/org/apache/struts2/views/java/simple/CheckboxHandler.java
##
@@ -35,29 +36,33 @@ public void generate
gregh3269 commented on a change in pull request #531:
URL: https://github.com/apache/struts/pull/531#discussion_r805303520
##
File path:
plugins/javatemplates/src/main/java/org/apache/struts2/views/java/simple/CheckboxHandler.java
##
@@ -35,29 +36,33 @@ public void generate()
gregh3269 commented on a change in pull request #531:
URL: https://github.com/apache/struts/pull/531#discussion_r805303520
##
File path:
plugins/javatemplates/src/main/java/org/apache/struts2/views/java/simple/CheckboxHandler.java
##
@@ -35,29 +36,33 @@ public void generate()
lukaszlenart commented on pull request #528:
URL: https://github.com/apache/struts/pull/528#issuecomment-1037946560
You can inject them via constructor if you want to or provide a factory
which will be injected into `OgnlUtil` and this factory will be used to create
a proper instance of ca
lukaszlenart edited a comment on pull request #528:
URL: https://github.com/apache/struts/pull/528#issuecomment-1037946560
You can inject them via constructor if you want to or provide a factory
which will be injected into `OgnlUtil` and this factory will be used to create
a proper instanc
lukaszlenart commented on pull request #529:
URL: https://github.com/apache/struts/pull/529#issuecomment-1037952530
Hm... I can implement a flag to either use a new or an old formatting
mechanism. Yet this will introduce unnecessary complexity and I think it's a
good moment to break backwa
lukaszlenart commented on a change in pull request #531:
URL: https://github.com/apache/struts/pull/531#discussion_r805305455
##
File path:
plugins/javatemplates/src/main/java/org/apache/struts2/views/java/simple/CheckboxHandler.java
##
@@ -35,29 +36,33 @@ public void generate
gregh3269 commented on a change in pull request #531:
URL: https://github.com/apache/struts/pull/531#discussion_r805307260
##
File path:
plugins/javatemplates/src/main/java/org/apache/struts2/views/java/simple/CheckboxHandler.java
##
@@ -35,29 +36,33 @@ public void generate()
coveralls edited a comment on pull request #531:
URL: https://github.com/apache/struts/pull/531#issuecomment-1034029833
[](https://coveralls.io/builds/46490812)
Coverage increased (+0.007%) to 50.569% when pulling
**f
lukaszlenart commented on a change in pull request #531:
URL: https://github.com/apache/struts/pull/531#discussion_r805351070
##
File path:
plugins/javatemplates/src/main/java/org/apache/struts2/views/java/simple/CheckboxHandler.java
##
@@ -35,29 +36,33 @@ public void generate
coveralls edited a comment on pull request #531:
URL: https://github.com/apache/struts/pull/531#issuecomment-1034029833
[](https://coveralls.io/builds/46490812)
Coverage increased (+0.007%) to 50.569% when pulling
**f
JCgH4164838Gh792C124B5 commented on a change in pull request #531:
URL: https://github.com/apache/struts/pull/531#discussion_r805209191
##
File path:
plugins/javatemplates/src/main/java/org/apache/struts2/views/java/simple/CheckboxHandler.java
##
@@ -35,29 +36,33 @@ public voi
lukaszlenart commented on pull request #528:
URL: https://github.com/apache/struts/pull/528#issuecomment-1037946560
You can inject them via constructor if you want to or provide a factory
which will be injected into `OgnlUtil` and this factory will be used to create
a proper instance of ca
gregh3269 commented on a change in pull request #531:
URL: https://github.com/apache/struts/pull/531#discussion_r805303520
##
File path:
plugins/javatemplates/src/main/java/org/apache/struts2/views/java/simple/CheckboxHandler.java
##
@@ -35,29 +36,33 @@ public void generate()
lukaszlenart commented on a change in pull request #531:
URL: https://github.com/apache/struts/pull/531#discussion_r805302874
##
File path:
plugins/javatemplates/src/main/java/org/apache/struts2/views/java/simple/CheckboxHandler.java
##
@@ -35,29 +36,33 @@ public void generate
JCgH4164838Gh792C124B5 commented on pull request #528:
URL: https://github.com/apache/struts/pull/528#issuecomment-1037479805
Hi @lukaszlenart .
Thanks for the feedback and suggestions.
Moving the existing cache layer into dedicated interfaces/classes is
probably cleaner in th
lukaszlenart commented on pull request #529:
URL: https://github.com/apache/struts/pull/529#issuecomment-1037952530
Hm... I can implement a flag to either use a new or an old formatting
mechanism. Yet this will introduce unnecessary complexity and I think it's a
good moment to break backwa
lukaszlenart edited a comment on pull request #528:
URL: https://github.com/apache/struts/pull/528#issuecomment-1037946560
You can inject them via constructor if you want to or provide a factory
which will be injected into `OgnlUtil` and this factory will be used to create
a proper instanc
gregh3269 commented on a change in pull request #531:
URL: https://github.com/apache/struts/pull/531#discussion_r805575244
##
File path:
plugins/javatemplates/src/main/java/org/apache/struts2/views/java/simple/CheckboxHandler.java
##
@@ -35,29 +36,33 @@ public void generate()
lukaszlenart commented on pull request #529:
URL: https://github.com/apache/struts/pull/529#issuecomment-1046220750
I'm working on a version which uses `@Inject` to inject a porper formatter.
--
This is an automated message from the Apache Git Service.
To respond to the message, please lo
lukaszlenart commented on pull request #529:
URL: https://github.com/apache/struts/pull/529#issuecomment-1046228304
Done, I've extended the change to use to a formatter injected by the
framework based on user choice.
--
This is an automated message from the Apache Git Service.
To respond
coveralls edited a comment on pull request #529:
URL: https://github.com/apache/struts/pull/529#issuecomment-1030815732
[](https://coveralls.io/builds/46711916)
Coverage increased (+0.01%) to 50.575% when pulling
**56
coveralls edited a comment on pull request #529:
URL: https://github.com/apache/struts/pull/529#issuecomment-1030815732
[](https://coveralls.io/builds/46723053)
Coverage increased (+0.02%) to 50.583% when pulling
**47
coveralls edited a comment on pull request #529:
URL: https://github.com/apache/struts/pull/529#issuecomment-1030815732
[](https://coveralls.io/builds/46744461)
Coverage increased (+0.02%) to 50.583% when pulling
**59
JCgH4164838Gh792C124B5 commented on pull request #528:
URL: https://github.com/apache/struts/pull/528#issuecomment-1060140160
Hi @lukaszlenart .
The PR has been updated after refactoring to something more along the lines
of what you suggested, and then resolving a merge conflict. Th
coveralls edited a comment on pull request #528:
URL: https://github.com/apache/struts/pull/528#issuecomment-1033414784
[](https://coveralls.io/builds/47111228)
Coverage increased (+0.05%) to 50.638% when pulling
**4c
lukaszlenart commented on pull request #528:
URL: https://github.com/apache/struts/pull/528#issuecomment-1060741354
Brilliant 💯 👏
Do you plan updating the docs [1]?
[1] https://struts.apache.org/tag-developers/
(maybe we should move the OGNL section to the Core Developers Guid
JCgH4164838Gh792C124B5 commented on pull request #528:
URL: https://github.com/apache/struts/pull/528#issuecomment-1066282164
Hi @lukaszlenart.
Thanks for the additional feedback.
I had not considered the documentation side of things in relation to the
potential change. The e
lukaszlenart commented on a change in pull request #528:
URL: https://github.com/apache/struts/pull/528#discussion_r825734744
##
File path: core/src/main/java/com/opensymphony/xwork2/ognl/OgnlUtil.java
##
@@ -78,14 +78,45 @@
private boolean allowStaticMethodAccess;
pr
lukaszlenart commented on pull request #528:
URL: https://github.com/apache/struts/pull/528#issuecomment-1066558111
> Should we create a JIRA for tracking for the potential change as well ?
Up to you, it allows users to monitor what has changed plus you can link the
new documentation
lukaszlenart commented on pull request #496:
URL: https://github.com/apache/struts/pull/496#issuecomment-1067993790
LGTM 👍
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
coveralls edited a comment on pull request #528:
URL: https://github.com/apache/struts/pull/528#issuecomment-1033414784
[](https://coveralls.io/builds/47522255)
Coverage increased (+0.06%) to 50.649% when pulling
**08
JCgH4164838Gh792C124B5 commented on a change in pull request #528:
URL: https://github.com/apache/struts/pull/528#discussion_r830729848
##
File path: core/src/main/java/com/opensymphony/xwork2/ognl/OgnlUtil.java
##
@@ -78,14 +78,45 @@
private boolean allowStaticMethodAcces
JCgH4164838Gh792C124B5 commented on a change in pull request #528:
URL: https://github.com/apache/struts/pull/528#discussion_r830736137
##
File path: core/src/main/java/com/opensymphony/xwork2/ognl/OgnlUtil.java
##
@@ -78,14 +78,45 @@
private boolean allowStaticMethodAcces
JCgH4164838Gh792C124B5 commented on a change in pull request #528:
URL: https://github.com/apache/struts/pull/528#discussion_r830736468
##
File path: core/src/main/java/com/opensymphony/xwork2/ognl/OgnlUtil.java
##
@@ -78,14 +78,45 @@
private boolean allowStaticMethodAcces
lukaszlenart commented on a change in pull request #528:
URL: https://github.com/apache/struts/pull/528#discussion_r831098550
##
File path: core/src/main/java/com/opensymphony/xwork2/ognl/OgnlUtil.java
##
@@ -78,14 +78,45 @@
private boolean allowStaticMethodAccess;
pr
lukaszlenart commented on a change in pull request #528:
URL: https://github.com/apache/struts/pull/528#discussion_r831125065
##
File path: core/src/main/java/com/opensymphony/xwork2/ognl/OgnlUtil.java
##
@@ -78,14 +78,45 @@
private boolean allowStaticMethodAccess;
pr
coveralls commented on pull request #533:
URL: https://github.com/apache/struts/pull/533#issuecomment-1086924287
[](https://coveralls.io/builds/47949911)
Coverage remained the same at 50.585% when pulling
**df6e0f19d7
JCgH4164838Gh792C124B5 commented on PR #528:
URL: https://github.com/apache/struts/pull/528#issuecomment-1086978579
Hi @lukaszlenart .
While attempting to put together some documentation on configuring the new
caches, I found that I could not successfully register a custom implementation
lukaszlenart commented on PR #528:
URL: https://github.com/apache/struts/pull/528#issuecomment-1087197928
Yeah... I'm planning to write a guideline how to use Struts DI mechanism, it
can be hard to understand on the first glimpse ;-)
You can try to follow my changes in this
[PR](http
lukaszlenart commented on PR #533:
URL: https://github.com/apache/struts/pull/533#issuecomment-1087288567
I would close this PR as it was branched off old master, you can follow this
step to learn how to prepare a fresh branch out of Struts master branch - it's
a recommended approach.
victorsosa commented on PR #533:
URL: https://github.com/apache/struts/pull/533#issuecomment-1087288661
this got messy; I will commit another PR
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to th
lukaszlenart commented on PR #528:
URL: https://github.com/apache/struts/pull/528#issuecomment-1087712241
I've started preparing the guideline
https://github.com/apache/struts-site/pull/160
--
This is an automated message from the Apache Git Service.
To respond to the message, please log
coveralls commented on PR #536:
URL: https://github.com/apache/struts/pull/536#issuecomment-1106721465
[](https://coveralls.io/builds/48496807)
Coverage remained the same at 47.553% when pulling
**062113d887f80c8dd8757
coveralls commented on PR #537:
URL: https://github.com/apache/struts/pull/537#issuecomment-1106740517
[](https://coveralls.io/builds/48497750)
Coverage remained the same at 47.553% when pulling
**2e0d1f4de7e19dd7d725f
dependabot[bot] commented on PR #535:
URL: https://github.com/apache/struts/pull/535#issuecomment-1107042720
Superseded by #538.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comme
lukaszlenart commented on PR #539:
URL: https://github.com/apache/struts/pull/539#issuecomment-1112044383
Could you register a ticket in JIRA? This is quite important information for
users
https://issues.apache.org/jira/browse/WW
--
This is an automated message from the Apache Git Serv
k4n5ha0 commented on PR #539:
URL: https://github.com/apache/struts/pull/539#issuecomment-1112079892
> Could you register a ticket in JIRA? This is quite important information
for users https://issues.apache.org/jira/browse/WW
@lukaszlenart
sorry because some reason,this url is bl
k4n5ha0 commented on PR #539:
URL: https://github.com/apache/struts/pull/539#issuecomment-111325
i chose other way to protect my app
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specif
k4n5ha0 commented on PR #537:
URL: https://github.com/apache/struts/pull/537#issuecomment-111381
i chose other way to protect my app
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specif
coveralls commented on PR #541:
URL: https://github.com/apache/struts/pull/541#issuecomment-1114221607
[](https://coveralls.io/builds/48733263)
Coverage remained the same at 47.553% when pulling
**393f467b2e0287e7dfbdc
coveralls commented on PR #543:
URL: https://github.com/apache/struts/pull/543#issuecomment-1114231760
[](https://coveralls.io/builds/48733582)
Coverage remained the same at 47.553% when pulling
**b9f114847a04d5a7bf5ea
JCgH4164838Gh792C124B5 commented on PR #528:
URL: https://github.com/apache/struts/pull/528#issuecomment-1114334465
Hello @lukaszlenart . Thank you for the explanation concerning the DI
mechanism flow, the reference example PR, and putting together the guideline in
the site documentation.
lukaszlenart commented on PR #534:
URL: https://github.com/apache/struts/pull/534#issuecomment-1114536351
Is it ok to merge this PR? //cc: @sepe81
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to
lukaszlenart commented on PR #542:
URL: https://github.com/apache/struts/pull/542#issuecomment-1114537796
@k4n5ha0 did you ever run tests? You will notice tones of WARNs and it won't
work.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log o
lukaszlenart commented on PR #528:
URL: https://github.com/apache/struts/pull/528#issuecomment-1114539938
Let me work a bit on you PR, maybe something obvious is missing (which
happens to me each time when I need to work with Struts CI ;) )
--
This is an automated message from the Apache
dependabot[bot] commented on PR #538:
URL: https://github.com/apache/struts/pull/538#issuecomment-1114547120
OK, I won't notify you again about this release, but will get in touch when
a new version is available. If you'd rather skip all updates until the next
major or minor version, let me
victorsosa commented on PR #534:
URL: https://github.com/apache/struts/pull/534#issuecomment-1114745858
nop, yet; still issue with lib dependencies
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to
victorsosa commented on PR #534:
URL: https://github.com/apache/struts/pull/534#issuecomment-1115058978
Trying to update to servlet 3.1.0, but getting a weird not found class
javax.servlet
javax.servlet-api
3.1.0
provided
victorsosa commented on PR #534:
URL: https://github.com/apache/struts/pull/534#issuecomment-1115070114
Ok, I fixed the servlet 3.1.0 dependency issue, now I got some class change
issue in code
[ERROR] Failed to execute goal
org.apache.maven.plugins:maven-compiler-plugin:3.8.1:compil
victorsosa commented on PR #534:
URL: https://github.com/apache/struts/pull/534#issuecomment-1115141078
servlet 3.1.0 include some changes, working on it
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to
aleksandr-m commented on PR #545:
URL: https://github.com/apache/struts/pull/545#issuecomment-1115262143
@k4n5ha0 Why `try catches`? What are you trying to solve with this PR? Can
you create some unit tests?
--
This is an automated message from the Apache Git Service.
To respond to the me
aleksandr-m commented on PR #545:
URL: https://github.com/apache/struts/pull/545#issuecomment-1115264217
BTW if you are trying to solve some security related issue then maybe you
can post it in the security mailing list -
https://struts.apache.org/security.html
--
This is an automated me
coveralls commented on PR #545:
URL: https://github.com/apache/struts/pull/545#issuecomment-1115393345
[](https://coveralls.io/builds/48770560)
Coverage increased (+0.002%) to 47.556% when pulling
**d2e8ed0898fe18cf1b6
k4n5ha0 commented on PR #545:
URL: https://github.com/apache/struts/pull/545#issuecomment-1115480283
> BTW if you are trying to solve some security related issue then maybe you
can post it in the security mailing list -
https://struts.apache.org/security.html
i send to jira before.
k4n5ha0 commented on PR #545:
URL: https://github.com/apache/struts/pull/545#issuecomment-1115480656
> @k4n5ha0 Why `try catches`? What are you trying to solve with this PR? Can
you create some unit tests?
i am sec engine , my code tech isn't well.
--
This is an automated message f
coveralls commented on PR #546:
URL: https://github.com/apache/struts/pull/546#issuecomment-1115731822
[](https://coveralls.io/builds/48776874)
Coverage increased (+0.005%) to 47.558% when pulling
**fa99a8821a03878e5d6
lukaszlenart commented on code in PR #546:
URL: https://github.com/apache/struts/pull/546#discussion_r863569592
##
core/src/main/java/com/opensymphony/xwork2/ognl/SecurityMemberAccess.java:
##
@@ -168,8 +170,20 @@ protected boolean isClassExcluded(Class clazz) {
ret
k4n5ha0 commented on code in PR #546:
URL: https://github.com/apache/struts/pull/546#discussion_r863573821
##
core/src/main/java/com/opensymphony/xwork2/ognl/SecurityMemberAccess.java:
##
@@ -168,8 +170,20 @@ protected boolean isClassExcluded(Class clazz) {
return t
lukaszlenart commented on code in PR #546:
URL: https://github.com/apache/struts/pull/546#discussion_r863575099
##
core/src/main/java/com/opensymphony/xwork2/ognl/SecurityMemberAccess.java:
##
@@ -168,8 +170,20 @@ protected boolean isClassExcluded(Class clazz) {
ret
k4n5ha0 commented on code in PR #546:
URL: https://github.com/apache/struts/pull/546#discussion_r863576527
##
core/src/main/java/com/opensymphony/xwork2/ognl/SecurityMemberAccess.java:
##
@@ -168,8 +170,20 @@ protected boolean isClassExcluded(Class clazz) {
return t
lukaszlenart commented on code in PR #546:
URL: https://github.com/apache/struts/pull/546#discussion_r863578444
##
core/src/main/java/com/opensymphony/xwork2/ognl/SecurityMemberAccess.java:
##
@@ -168,8 +170,20 @@ protected boolean isClassExcluded(Class clazz) {
ret
k4n5ha0 commented on code in PR #546:
URL: https://github.com/apache/struts/pull/546#discussion_r863581227
##
core/src/main/java/com/opensymphony/xwork2/ognl/SecurityMemberAccess.java:
##
@@ -168,8 +170,20 @@ protected boolean isClassExcluded(Class clazz) {
return t
lukaszlenart commented on code in PR #546:
URL: https://github.com/apache/struts/pull/546#discussion_r863586541
##
core/src/main/java/com/opensymphony/xwork2/ognl/SecurityMemberAccess.java:
##
@@ -168,8 +170,20 @@ protected boolean isClassExcluded(Class clazz) {
ret
lukaszlenart commented on code in PR #546:
URL: https://github.com/apache/struts/pull/546#discussion_r863597663
##
core/src/main/java/com/opensymphony/xwork2/ognl/SecurityMemberAccess.java:
##
@@ -168,8 +170,20 @@ protected boolean isClassExcluded(Class clazz) {
ret
lukaszlenart commented on PR #545:
URL: https://github.com/apache/struts/pull/545#issuecomment-1115892354
This kind of attack can be simple prevented by setting up
[struts.ognl.expressionMaxLength](https://struts.apache.org/security/#apply-a-maximum-allowed-length-on-ognl-expressions)
and y
k4n5ha0 commented on code in PR #546:
URL: https://github.com/apache/struts/pull/546#discussion_r863610769
##
core/src/main/java/com/opensymphony/xwork2/ognl/SecurityMemberAccess.java:
##
@@ -168,8 +170,20 @@ protected boolean isClassExcluded(Class clazz) {
return t
k4n5ha0 commented on PR #545:
URL: https://github.com/apache/struts/pull/545#issuecomment-1115910565
> This kind of attack can be simple prevented by setting up
[struts.ognl.expressionMaxLength](https://struts.apache.org/security/#apply-a-maximum-allowed-length-on-ognl-expressions)
and your
601 - 700 of 966 matches
Mail list logo