It wasn't a performance concern, it was a security concern. Since the OGNL
and JSP EL were processed by separate processors, it's possible to have one
transform user code to the other which is a very simple way of allowing an
end user to inject executable code into your system.
(*Chris*)
On Fri
On 7/23/10 11:26 AM, Scott Koenig wrote:
I was wondering if anyone knew how great the performance optimization gains
are in leaving runtime expression values disabled for assorted Struts tags,
or where I could find some resources on the topic. It seems incredibly
useful to be able to set a variab
Hi,
I was wondering if anyone knew how great the performance optimization gains
are in leaving runtime expression values disabled for assorted Struts tags,
or where I could find some resources on the topic. It seems incredibly
useful to be able to set a variable to a value calculated on the fly.
3 matches
Mail list logo
