It's so good to hear it. :) On 11 May 2011 18:42, Sarr, Nathan <ns...@library.rochester.edu> wrote: > I did a quick test and it appeared to work correctly. > > -Nate > > -----Original Message----- > From: Maurizio Cucchiara [mailto:maurizio.cucchi...@gmail.com] > Sent: Wednesday, May 11, 2011 12:37 PM > To: Struts Users Mailing List > Subject: Re: XSS Vulnerability in Struts 2 before 2.2.3 > > I did not checked before, but I bet it works (Please Let us know if it > doesn't). > > > On 11 May 2011 16:47, Sarr, Nathan <ns...@library.rochester.edu> wrote: >> Hello, >> >> >> >> I noticed the solution mentions turning off DMI support in >> struts.xml. Would the same result be achieved by setting it in the >> struts.properties file: >> >> >> >> # don't allow dynamic method invocation >> >> struts.enable.DynamicMethodInvocation = false >> >> >> >> Thanks, >> >> -Nate >> >> >> >> > > > > -- > Maurizio Cucchiara > > --------------------------------------------------------------------- > To unsubscribe, e-mail: user-unsubscr...@struts.apache.org > For additional commands, e-mail: user-h...@struts.apache.org > > > --------------------------------------------------------------------- > To unsubscribe, e-mail: user-unsubscr...@struts.apache.org > For additional commands, e-mail: user-h...@struts.apache.org > >
-- Maurizio Cucchiara --------------------------------------------------------------------- To unsubscribe, e-mail: user-unsubscr...@struts.apache.org For additional commands, e-mail: user-h...@struts.apache.org
