[jira] [Commented] (WW-4507) Struts 2 XSS vulnerability with

[ https://issues.apache.org/jira/browse/WW-4507?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15217656#comment-15217656 ] Rene Gielen commented on WW-4507: - [~taromaru] I'm not sure if my analysis above is completely wrong.

[jira] [Commented] (WW-4507) Struts 2 XSS vulnerability with

[ https://issues.apache.org/jira/browse/WW-4507?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15178408#comment-15178408 ] Rene Gielen commented on WW-4507: - [~lukaszlenart] done, sorra for not resolving the issue > Struts 2 XSS

[jira] [Comment Edited] (WW-4507) Struts 2 XSS vulnerability with

[ https://issues.apache.org/jira/browse/WW-4507?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15178408#comment-15178408 ] Rene Gielen edited comment on WW-4507 at 3/3/16 7:16 PM: - [~lukaszlenart] done, sorry

[jira] [Resolved] (WW-4507) Struts 2 XSS vulnerability with

[ https://issues.apache.org/jira/browse/WW-4507?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Rene Gielen resolved WW-4507. - Resolution: Fixed > Struts 2 XSS vulnerability with > - > >

[jira] [Updated] (WW-4507) Struts 2 XSS vulnerability with

[ https://issues.apache.org/jira/browse/WW-4507?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Rene Gielen updated WW-4507: Fix Version/s: 2.5 > Struts 2 XSS vulnerability with > - > >

[jira] [Assigned] (WW-4507) Struts 2 XSS vulnerability with

[ https://issues.apache.org/jira/browse/WW-4507?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Rene Gielen reassigned WW-4507: --- Assignee: Rene Gielen > Struts 2 XSS vulnerability with >

[jira] [Resolved] (WW-4403) JDK 8: build fails due to JavaDoc checking issues

[ https://issues.apache.org/jira/browse/WW-4403?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Rene Gielen resolved WW-4403. - Resolution: Fixed Assignee: Rene Gielen Fix Version/s: 2.3.25 An automatically activated

[jira] [Resolved] (WW-4381) upgrade to jasperreports 6.0

[ https://issues.apache.org/jira/browse/WW-4381?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Rene Gielen resolved WW-4381. - Resolution: Fixed excluded dependencies that are not served from Maven Central and that are not needed

[jira] [Commented] (WW-4507) Struts 2 XSS vulnerability with

[ https://issues.apache.org/jira/browse/WW-4507?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15098308#comment-15098308 ] Rene Gielen commented on WW-4507: - We can confirm now that this is a platform issue. Especially JRE 1.5's

[jira] [Reopened] (WW-4381) upgrade to jasperreports 6.0

[ https://issues.apache.org/jira/browse/WW-4381?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Rene Gielen reopened WW-4381: - Assignee: Rene Gielen Jasper Reports 6 unfortunately introduces custom repositories in its pom to provide

[jira] [Commented] (WW-4507) Struts 2 XSS vulnerability with

[ https://issues.apache.org/jira/browse/WW-4507?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15082735#comment-15082735 ] Rene Gielen commented on WW-4507: - I have tried to reproduce this with a page encoding of ISO-8859-1 on

[jira] [Updated] (WW-4559) Define a bean of java.io.FileInputStream in Spring makes the Struts stream result not work

[ https://issues.apache.org/jira/browse/WW-4559?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Rene Gielen updated WW-4559: Priority: Minor (was: Major) > Define a bean of java.io.FileInputStream in Spring makes the Struts stream >

[jira] [Commented] (WW-4559) Define a bean of java.io.FileInputStream in Spring makes the Struts stream result not work

[ https://issues.apache.org/jira/browse/WW-4559?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=14989110#comment-14989110 ] Rene Gielen commented on WW-4559: - Struts treats dependency injection as a first class citizen, so injection

[jira] [Updated] (WW-4559) Define a bean of java.io.FileInputStream in Spring makes the Struts stream result not work

[ https://issues.apache.org/jira/browse/WW-4559?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Rene Gielen updated WW-4559: Fix Version/s: (was: 2.3.x) 2.5.x > Define a bean of java.io.FileInputStream in Spring

[jira] [Commented] (WW-4559) Define a bean of java.io.FileInputStream in Spring makes the Struts stream result not work

[ https://issues.apache.org/jira/browse/WW-4559?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=14987441#comment-14987441 ] Rene Gielen commented on WW-4559: - It looks like your autowiring strategy is set to "type". See

[jira] [Commented] (WW-4188) In struts tag lib, required attribute removed in latest version ie 2.3.15.1

[ https://issues.apache.org/jira/browse/WW-4188?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanelfocusedCommentId=14201838#comment-14201838 ] Rene Gielen commented on WW-4188: - Once in a while I came to feel that we are doing something

[jira] [Commented] (WW-4188) In struts tag lib, required attribute removed in latest version ie 2.3.15.1

[ https://issues.apache.org/jira/browse/WW-4188?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanelfocusedCommentId=14201847#comment-14201847 ] Rene Gielen commented on WW-4188: - [~mahendranmahesh] Thanks for your report and your

[jira] [Comment Edited] (WW-4188) In struts tag lib, required attribute removed in latest version ie 2.3.15.1

[ https://issues.apache.org/jira/browse/WW-4188?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanelfocusedCommentId=14201838#comment-14201838 ] Rene Gielen edited comment on WW-4188 at 11/7/14 9:45 AM: -- Once in a

[jira] [Commented] (WW-4188) In struts tag lib, required attribute removed in latest version ie 2.3.15.1

[ https://issues.apache.org/jira/browse/WW-4188?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanelfocusedCommentId=14201874#comment-14201874 ] Rene Gielen commented on WW-4188: - [~cn42] There might be issues, yes - but this actually

[jira] [Created] (WW-4402) JDK 8: build fails due to missing apt tool

Rene Gielen created WW-4402: --- Summary: JDK 8: build fails due to missing apt tool Key: WW-4402 URL: https://issues.apache.org/jira/browse/WW-4402 Project: Struts 2 Issue Type: Bug

[jira] [Created] (WW-4403) JDK 8: build fails due to JavaDoc checking issues

Rene Gielen created WW-4403: --- Summary: JDK 8: build fails due to JavaDoc checking issues Key: WW-4403 URL: https://issues.apache.org/jira/browse/WW-4403 Project: Struts 2 Issue Type: Bug

[jira] [Updated] (WW-4403) JDK 8: build fails due to JavaDoc checking issues

[ https://issues.apache.org/jira/browse/WW-4403?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Rene Gielen updated WW-4403: Description: JDK 8 introduced stricter checking for JavaDoc processing, causing issues formerly producing

[jira] [Commented] (WW-4403) JDK 8: build fails due to JavaDoc checking issues

[ https://issues.apache.org/jira/browse/WW-4403?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanelfocusedCommentId=14131215#comment-14131215 ] Rene Gielen commented on WW-4403: - Testability is blocked by fixing this blocking build issue

[jira] [Updated] (WW-4347) Support for JDK 8

[ https://issues.apache.org/jira/browse/WW-4347?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Rene Gielen updated WW-4347: Labels: jdk8 (was: ) Support for JDK 8 - Key: WW-4347

[jira] [Updated] (WW-4347) Support for JDK 8 Lambdas

[ https://issues.apache.org/jira/browse/WW-4347?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Rene Gielen updated WW-4347: Summary: Support for JDK 8 Lambdas (was: Support for JDK 8) Support for JDK 8 Lambdas

[jira] [Commented] (WW-3113) Struts 2 and Flat Tire in my car

[ https://issues.apache.org/jira/browse/WW-3113?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanelfocusedCommentId=14112707#comment-14112707 ] Rene Gielen commented on WW-3113: - [~musachy] Thanks for your input regarding SLAs. As you

[jira] [Commented] (WW-3113) Struts 2 and Flat Tire in my car

[ https://issues.apache.org/jira/browse/WW-3113?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanelfocusedCommentId=14112717#comment-14112717 ] Rene Gielen commented on WW-3113: - [~newton_dave] I fear this is not enterprisy enough for

[jira] [Comment Edited] (WW-3113) Struts 2 and Flat Tire in my car

[ https://issues.apache.org/jira/browse/WW-3113?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanelfocusedCommentId=14112707#comment-14112707 ] Rene Gielen edited comment on WW-3113 at 8/27/14 8:45 PM: --

[jira] [Commented] (WW-4347) Support for JDK 8

[ https://issues.apache.org/jira/browse/WW-4347?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanelfocusedCommentId=14095496#comment-14095496 ] Rene Gielen commented on WW-4347: - Java 8 byte code is officially supported since ASM 5.

[jira] [Updated] (WW-4347) Support for JDK 8

[ https://issues.apache.org/jira/browse/WW-4347?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Rene Gielen updated WW-4347: Fix Version/s: (was: 2.5) 2.3.18 Support for JDK 8 -

[jira] [Commented] (WW-4347) Support for JDK 8

[ https://issues.apache.org/jira/browse/WW-4347?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanelfocusedCommentId=14095551#comment-14095551 ] Rene Gielen commented on WW-4347: - As suggested by [~lukaszlenart], I've moved this issue to

[jira] [Commented] (WW-4207) Upgrade to OGNL 3.0.8

[ https://issues.apache.org/jira/browse/WW-4207?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanelfocusedCommentId=13966483#comment-13966483 ] Rene Gielen commented on WW-4207: - I make a case for upgrading to OGNL 3.0.9, for which I

[jira] [Comment Edited] (WW-4207) Upgrade to OGNL 3.0.8

[ https://issues.apache.org/jira/browse/WW-4207?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanelfocusedCommentId=13966483#comment-13966483 ] Rene Gielen edited comment on WW-4207 at 4/11/14 1:35 PM: -- I make a

[jira] [Commented] (WW-3952) creditCard validator available in Struts 1 missing in Struts 2

[ https://issues.apache.org/jira/browse/WW-3952?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanelfocusedCommentId=13966489#comment-13966489 ] Rene Gielen commented on WW-3952: - [~dleberre] When doing feature requests, patches are

[jira] [Commented] (WW-3952) creditCard validator available in Struts 1 missing in Struts 2

[ https://issues.apache.org/jira/browse/WW-3952?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanelfocusedCommentId=13966524#comment-13966524 ] Rene Gielen commented on WW-3952: - Two nice ideas coming to my mind: - show your students how

[jira] [Commented] (WW-4088) Supressing empty parameters on s:a tag

[ https://issues.apache.org/jira/browse/WW-4088?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanelfocusedCommentId=13862600#comment-13862600 ] Rene Gielen commented on WW-4088: - Greg, thanks for the patch. I haven't yet reviewed it, but

[jira] [Updated] (WW-4221) Performance issue in Java Web Deployment in Cloud Computing

[ https://issues.apache.org/jira/browse/WW-4221?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Rene Gielen updated WW-4221: Labels: (was: patch) Performance issue in Java Web Deployment in Cloud Computing

[jira] [Updated] (WW-4221) Performance issue in Java Web Deployment in Cloud Computing

[ https://issues.apache.org/jira/browse/WW-4221?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Rene Gielen updated WW-4221: Flags: (was: Patch) Performance issue in Java Web Deployment in Cloud Computing

[jira] [Resolved] (WW-4221) Performance issue in Java Web Deployment in Cloud Computing

[ https://issues.apache.org/jira/browse/WW-4221?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Rene Gielen resolved WW-4221. - Resolution: Invalid Fix Version/s: (was: 2.3.8) Assignee: Rene Gielen This is not an

[jira] [Comment Edited] (WW-4221) Performance issue in Java Web Deployment in Cloud Computing

[ https://issues.apache.org/jira/browse/WW-4221?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanelfocusedCommentId=13794418#comment-13794418 ] Rene Gielen edited comment on WW-4221 at 10/14/13 8:14 PM: --- This is

[jira] [Commented] (WW-4203) Allow disabling xwork creating null objects on a property level

[ https://issues.apache.org/jira/browse/WW-4203?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanelfocusedCommentId=13770492#comment-13770492 ] Rene Gielen commented on WW-4203: - How about developing and sharing a patch for such a

[jira] [Commented] (WW-3651) Struts 2 is calling response.setLocale even though it will not handle the request

[ https://issues.apache.org/jira/browse/WW-3651?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanelfocusedCommentId=13770516#comment-13770516 ] Rene Gielen commented on WW-3651: - I thing not calling setLocale has the side effect of,

[jira] [Comment Edited] (WW-3651) Struts 2 is calling response.setLocale even though it will not handle the request

[ https://issues.apache.org/jira/browse/WW-3651?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanelfocusedCommentId=13770516#comment-13770516 ] Rene Gielen edited comment on WW-3651 at 9/18/13 6:59 AM: -- I thing

[jira] [Commented] (WW-3905) The TextProvider injection in ActionSupport isn't quite integrated into the framework's core DI

[ https://issues.apache.org/jira/browse/WW-3905?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanelfocusedCommentId=13770530#comment-13770530 ] Rene Gielen commented on WW-3905: - Got burned once when I wanted to start refactoring here ;)

[jira] [Resolved] (WW-4193) OGNL WARN msg in log when user enters invalid data

[ https://issues.apache.org/jira/browse/WW-4193?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Rene Gielen resolved WW-4193. - Resolution: Fixed Fix applied. Thanks to Christoph Nenning. OGNL WARN msg in log when

[jira] [Updated] (WW-4193) OGNL WARN msg in log when user enters invalid data

[ https://issues.apache.org/jira/browse/WW-4193?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Rene Gielen updated WW-4193: Assignee: Rene Gielen OGNL WARN msg in log when user enters invalid data

[jira] [Updated] (WW-4193) OGNL WARN msg in log when user enters invalid data

[ https://issues.apache.org/jira/browse/WW-4193?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Rene Gielen updated WW-4193: Fix Version/s: 2.3.16 OGNL WARN msg in log when user enters invalid data

[jira] [Commented] (WW-3714) Rename org.opensymphony.xwork2 to org.apache.struts2.xwork2

[ https://issues.apache.org/jira/browse/WW-3714?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanelfocusedCommentId=13752267#comment-13752267 ] Rene Gielen commented on WW-3714: - Since XWork is not an Apache TLP while Struts is, we

[jira] [Updated] (WW-4178) Question on the Support for Struts2-Struts1 plugin

[ https://issues.apache.org/jira/browse/WW-4178?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Rene Gielen updated WW-4178: Priority: Minor (was: Major) Assignee: Rene Gielen Question on the Support for Struts2-Struts1

[jira] [Commented] (WW-4178) Question on the Support for Struts2-Struts1 plugin

[ https://issues.apache.org/jira/browse/WW-4178?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanelfocusedCommentId=13740857#comment-13740857 ] Rene Gielen commented on WW-4178: - Vijay, to get support for usage and best practices

[jira] [Closed] (WW-4178) Question on the Support for Struts2-Struts1 plugin

[ https://issues.apache.org/jira/browse/WW-4178?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Rene Gielen closed WW-4178. --- Resolution: Invalid This was a support request, not an issue Question on the Support for

[jira] [Commented] (WW-4171) getText methods are not documented as evaluating OGNL

[ https://issues.apache.org/jira/browse/WW-4171?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanelfocusedCommentId=13731815#comment-13731815 ] Rene Gielen commented on WW-4171: - [~lukaszlenart] Yeah, the problem is that calls to getText

[jira] [Comment Edited] (WW-4171) getText methods are not documented as evaluating OGNL

[ https://issues.apache.org/jira/browse/WW-4171?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanelfocusedCommentId=13731861#comment-13731861 ] Rene Gielen edited comment on WW-4171 at 8/7/13 10:44 AM: --

[jira] [Commented] (WW-4171) getText methods are not documented as evaluating OGNL

[ https://issues.apache.org/jira/browse/WW-4171?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanelfocusedCommentId=13731861#comment-13731861 ] Rene Gielen commented on WW-4171: - [~lukaszlenart] How would you track a value is sanitized

[jira] [Commented] (WW-4171) getText methods are not documented as evaluating OGNL

[ https://issues.apache.org/jira/browse/WW-4171?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanelfocusedCommentId=13731891#comment-13731891 ] Rene Gielen commented on WW-4171: - It only makes sense to sanitize before setting the value,

[jira] [Commented] (WW-4171) getText methods are not documented as evaluating OGNL

[ https://issues.apache.org/jira/browse/WW-4171?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanelfocusedCommentId=13731903#comment-13731903 ] Rene Gielen commented on WW-4171: - An OGNL PropertyAccessor implementation (not targeted to

[jira] [Deleted] (WW-4172) deleteing

[ https://issues.apache.org/jira/browse/WW-4172?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Rene Gielen deleted WW-4172: deleteing - Key: WW-4172 URL:

[jira] [Commented] (WW-4171) getText methods are not documented as evaluating OGNL

[ https://issues.apache.org/jira/browse/WW-4171?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanelfocusedCommentId=13730951#comment-13730951 ] Rene Gielen commented on WW-4171: - [~d...@solaraccess.com] No, parameter processing should be

[jira] [Commented] (WW-4157) Move docs export to Maven release phase

[ https://issues.apache.org/jira/browse/WW-4157?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanelfocusedCommentId=13722273#comment-13722273 ] Rene Gielen commented on WW-4157: - I see the problem, and we may want to rethink whether we

[jira] [Created] (WW-4140) Security Improvement

Rene Gielen created WW-4140: --- Summary: Security Improvement Key: WW-4140 URL: https://issues.apache.org/jira/browse/WW-4140 Project: Struts 2 Issue Type: Bug Components: Core Actions

[jira] [Updated] (WW-4140) Security Improvement

[ https://issues.apache.org/jira/browse/WW-4140?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Rene Gielen updated WW-4140: Description: CVE-2013-2248 CVE-2013-2251 was: CVE-2013-2248 Open Redirect CVE-2013-2251 Remote Command

[jira] [Updated] (WW-4140) Security Improvement

[ https://issues.apache.org/jira/browse/WW-4140?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Rene Gielen updated WW-4140: Description: CVE-2013-2248 Open Redirect CVE-2013-2251 Remote Command Execution Triggered by action: /

[jira] [Closed] (WW-4140) Security Improvement

[ https://issues.apache.org/jira/browse/WW-4140?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Rene Gielen closed WW-4140. --- Resolution: Fixed Patch applied Security Improvement

[jira] [Updated] (WW-3873) file tag leaks server path information

[ https://issues.apache.org/jira/browse/WW-3873?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Rene Gielen updated WW-3873: Fix Version/s: 2.3.15.1 file tag leaks server path information --

[jira] [Closed] (WW-3873) file tag leaks server path information

[ https://issues.apache.org/jira/browse/WW-3873?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Rene Gielen closed WW-3873. --- Resolution: Fixed Changed file tag to always render empty value file tag leaks server path

[jira] [Updated] (WW-3873) file tag leaks server path information

[ https://issues.apache.org/jira/browse/WW-3873?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Rene Gielen updated WW-3873: Assignee: Rene Gielen file tag leaks server path information --

[jira] [Issue Comment Deleted] (WW-3873) file tag leaks server path information

Gielen (JIRA) j...@apache.org wrote: [ https://issues.apache.org/jira/browse/WW-3873?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Rene Gielen updated WW-3873: Assignee: Rene Gielen file tag leaks server path information

[jira] [Issue Comment Deleted] (WW-3873) file tag leaks server path information

: I will be out of the office until July 5th On Jul 5, 2013, at 1:29 AM, Rene Gielen (JIRA) j...@apache.org wrote: [ https://issues.apache.org/jira/browse/WW-3873?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Rene Gielen

[jira] [Issue Comment Deleted] (WW-3873) file tag leaks server path information

=13700729#comment-13700729 ] nathan.comst...@wellsfargo.com commented on WW-3873: I will be out of the office until July 5th On Jul 5, 2013, at 1:29 AM, Rene Gielen (JIRA) j...@apache.org wrote: [ https://issues.apache.org/jira/browse/WW

[jira] [Issue Comment Deleted] (WW-3873) file tag leaks server path information

, 2013, at 1:29 AM, Rene Gielen (JIRA) j...@apache.org wrote: [ https://issues.apache.org/jira/browse/WW-3873?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Rene Gielen updated WW-3873: Assignee: Rene Gielen file tag leaks server path

[jira] [Closed] (WW-4136) Demonstrate proper input sanitizing for file download showcase example

[ https://issues.apache.org/jira/browse/WW-4136?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Rene Gielen closed WW-4136. --- Resolution: Fixed Added demo code to sanitize input path parameter Demonstrate proper input

[jira] [Assigned] (WW-4108) small typo in documentation

[ https://issues.apache.org/jira/browse/WW-4108?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Rene Gielen reassigned WW-4108: --- Assignee: Rene Gielen small typo in documentation ---

[jira] [Closed] (WW-4108) small typo in documentation

[ https://issues.apache.org/jira/browse/WW-4108?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Rene Gielen closed WW-4108. --- Resolution: Fixed Applied, thanks for reporting small typo in documentation

[jira] [Resolved] (WW-4093) Javadoc of RegexFieldValidator-annotation out-dated

[ https://issues.apache.org/jira/browse/WW-4093?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Rene Gielen resolved WW-4093. - Resolution: Fixed Assignee: Rene Gielen Patch applied, thamks Javadoc of

[jira] [Closed] (WW-4093) Javadoc of RegexFieldValidator-annotation out-dated

[ https://issues.apache.org/jira/browse/WW-4093?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Rene Gielen closed WW-4093. --- Javadoc of RegexFieldValidator-annotation out-dated

[jira] [Commented] (WW-4088) Supressing empty parameters on s:a tag

[ https://issues.apache.org/jira/browse/WW-4088?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanelfocusedCommentId=13671280#comment-13671280 ] Rene Gielen commented on WW-4088: - Patches welcom :) Supressing empty

[jira] [Commented] (WW-4088) Supressing empty parameters on s:a tag

[ https://issues.apache.org/jira/browse/WW-4088?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanelfocusedCommentId=13671279#comment-13671279 ] Rene Gielen commented on WW-4088: - Since empty parameters are absolutely valid, this should

[jira] [Comment Edited] (WW-4088) Supressing empty parameters on s:a tag

[ https://issues.apache.org/jira/browse/WW-4088?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanelfocusedCommentId=13671280#comment-13671280 ] Rene Gielen edited comment on WW-4088 at 5/31/13 9:26 AM: -- Patches

[jira] [Updated] (WW-4063) Remote code execution in Struts2 via expression language execution

[ https://issues.apache.org/jira/browse/WW-4063?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Rene Gielen updated WW-4063: Assignee: Rene Gielen Remote code execution in Struts2 via expression language execution

[jira] [Updated] (WW-4063) Remote code execution in Struts2 via expression language execution

[ https://issues.apache.org/jira/browse/WW-4063?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Rene Gielen updated WW-4063: Affects Version/s: (was: 2.3.14) 2.3.14.1 Remote code execution in Struts2

[jira] [Updated] (WW-4063) Remote code execution in Struts2 via expression language execution

[ https://issues.apache.org/jira/browse/WW-4063?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Rene Gielen updated WW-4063: Fix Version/s: 2.3.14.2 Remote code execution in Struts2 via expression language execution

[jira] [Closed] (WW-4063) Remote code execution in Struts2 via expression language execution

[ https://issues.apache.org/jira/browse/WW-4063?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Rene Gielen closed WW-4063. --- Resolution: Fixed Remote code execution in Struts2 via expression language execution

[jira] [Commented] (WW-4063) Remote code execution in Struts2 via expression language execution

[ https://issues.apache.org/jira/browse/WW-4063?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanelfocusedCommentId=13666494#comment-13666494 ] Rene Gielen commented on WW-4063: - The related bulletin is yet undisclosed

[jira] [Commented] (WW-4063) Remote code execution in Struts2 via expression language execution

[ https://issues.apache.org/jira/browse/WW-4063?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanelfocusedCommentId=13647339#comment-13647339 ] Rene Gielen commented on WW-4063: - Please contact the Struts security team via email:

[jira] [Commented] (WW-4058) ContainerHolder causes ThreadLocal memory leak

[ https://issues.apache.org/jira/browse/WW-4058?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanelfocusedCommentId=13641925#comment-13641925 ] Rene Gielen commented on WW-4058: - Lukasz, your patch won't work since the

[jira] [Comment Edited] (WW-4058) ContainerHolder causes ThreadLocal memory leak

[ https://issues.apache.org/jira/browse/WW-4058?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanelfocusedCommentId=13641925#comment-13641925 ] Rene Gielen edited comment on WW-4058 at 4/25/13 4:25 PM: -- Lukasz,

[jira] [Commented] (WW-4058) ContainerHolder causes ThreadLocal memory leak

[ https://issues.apache.org/jira/browse/WW-4058?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanelfocusedCommentId=13642044#comment-13642044 ] Rene Gielen commented on WW-4058: - The process is as follows: the ThreadLocal Object itself

[jira] [Commented] (WW-4054) API docs are missing from the project homepage

[ https://issues.apache.org/jira/browse/WW-4054?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanelfocusedCommentId=13638843#comment-13638843 ] Rene Gielen commented on WW-4054: - Unbelievably fast solved (before I had a chance to wonder

[jira] [Created] (WW-4054) API docs are missing from the project homepage

Rene Gielen created WW-4054: --- Summary: API docs are missing from the project homepage Key: WW-4054 URL: https://issues.apache.org/jira/browse/WW-4054 Project: Struts 2 Issue Type: Bug

[jira] [Commented] (WW-4018) Revert parse param back

[ https://issues.apache.org/jira/browse/WW-4018?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanelfocusedCommentId=13605791#comment-13605791 ] Rene Gielen commented on WW-4018: - The parse attribute looks redundant to me, the ${} syntax

[jira] [Commented] (WW-4016) Rename validatorType to validatorName

[ https://issues.apache.org/jira/browse/WW-4016?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanelfocusedCommentId=13605797#comment-13605797 ] Rene Gielen commented on WW-4016: - As a really breaking change, 3.0 target version looks fine

[jira] [Commented] (WW-3924) refactor file upload framework

[ https://issues.apache.org/jira/browse/WW-3924?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanelfocusedCommentId=13534786#comment-13534786 ] Rene Gielen commented on WW-3924: - Uhm - sorry guys, but so far this looks not like what we

[jira] [Updated] (WW-3930) Cannot access plugin (.jar) static resources via /struts or /static URL

[ https://issues.apache.org/jira/browse/WW-3930?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Rene Gielen updated WW-3930: Priority: Minor (was: Blocker) Cannot access plugin (.jar) static resources via /struts or /static URL

[jira] [Commented] (WW-3876) NumberConverter convert WRONG

[ https://issues.apache.org/jira/browse/WW-3876?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanelfocusedCommentId=13452805#comment-13452805 ] Rene Gielen commented on WW-3876: - Number formats are locale specific. 1,000.00 is a valid

[jira] [Updated] (WW-3876) NumberConverter convert WRONG

[ https://issues.apache.org/jira/browse/WW-3876?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Rene Gielen updated WW-3876: Priority: Minor (was: Major) NumberConverter convert WRONG -

[jira] [Closed] (WW-3876) NumberConverter convert WRONG

[ https://issues.apache.org/jira/browse/WW-3876?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Rene Gielen closed WW-3876. --- Resolution: Not A Problem As pointed out in the comments, Struts 2 behaves correctly here

[jira] [Created] (WW-3858) Decouple token names from their respective session attribute names

Rene Gielen created WW-3858: --- Summary: Decouple token names from their respective session attribute names Key: WW-3858 URL: https://issues.apache.org/jira/browse/WW-3858 Project: Struts 2 Issue

[jira] [Created] (WW-3860) Restrict accepted parameter name length

Rene Gielen created WW-3860: --- Summary: Restrict accepted parameter name length Key: WW-3860 URL: https://issues.apache.org/jira/browse/WW-3860 Project: Struts 2 Issue Type: Improvement

[jira] [Resolved] (WW-3858) Decouple token names from their respective session attribute names

[ https://issues.apache.org/jira/browse/WW-3858?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Rene Gielen resolved WW-3858. - Resolution: Fixed Fix Version/s: (was: 2.3.5) 2.3.4.1 Token names are now

[jira] [Resolved] (WW-3860) Restrict accepted parameter name length

[ https://issues.apache.org/jira/browse/WW-3860?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Rene Gielen resolved WW-3860. - Resolution: Fixed Fix Version/s: (was: 2.3.5) 2.3.4.1 Johno's patch applied.

  1   2   3   4   >