If you lecture your developers to be aware that any public method becomes fair
game the security concern might be mitigated but you still have a
maintainability issue. With explicit configuration someone inheriting the code
can easily figure out how an action method is used by looking at annot
Jan T. Kim wrote:
(2) Isn't encoding methods in action name suffixes like this a potential
security issue?
So, are wildcards useful for development but have to be expanded before
putting a system to production use?
The only security issue I'm aware of is if the developer exposes
unwanted be
On Sun, Jun 28, 2009 at 08:15:43AM -0400, Dave Newton wrote:
> Jan T. Kim wrote:
> >(1) Where is the documentation of this wildcard syntax?
>
> http://struts.apache.org/2.x/docs/wildcard-mappings.html
> http://struts.apache.org/2.x/docs/action-configuration.html#ActionConfiguration-WildcardMethod
Jan T. Kim wrote:
(1) Where is the documentation of this wildcard syntax?
http://struts.apache.org/2.x/docs/wildcard-mappings.html
http://struts.apache.org/2.x/docs/action-configuration.html#ActionConfiguration-WildcardMethod
Although the underscore thing is mentioned I don't think it's explic
Hi All,
In the "Validating Input" section of the "Bootstrap" tutorial, I've
noticed the action mapping syntax
...
which the tutorial suggests as a shorthand for configuring
...
...
I have two questions about this:
(1) Where is the documentation
Hi Sam,
remove "submit" word.
Best greetings,
Paweł Wielgus.
2009/6/27 Sam Wun :
> Hi,
>
> here are the offending lines in my jsp file:
>
>
> />
>
>
> Errors on console:
>
> org.apache.jasper.JasperException:
> /html/portlet/onlinepayment_portlet/sign_in.jsp(110,18) equal symbol
> expected
> o
6 matches
Mail list logo
