Re: Issue in Struts 7.0.0 with tag

Thank you for your response. I'm using NetBeans 17 as the IDE, with Java 21, and running the application on Tomcat 10.0.20. The issue occurs when I try to run the web application from within the IDE. NetBeans shows the following error when the issue occurs: The s:form tag declares that it accept

Re: Strange issue displaying numbers when in Arabic locale

pon., 7 kwi 2025 o 01:47 Zoran Avtarovski napisał(a): > > Thanks Lukasz, Uti, > > The issue indeed was how Java treated numbers after Java 8. > > After a inordinate amount of searching on how to change the solution was > to set the locale extension on how to treat numbers. > > Instead of just crea

Re: Issue in Struts 7.0.0 with tag

wt., 15 kwi 2025 o 09:57 shankar sawate napisał(a): > While migrating to Struts 7.0.0, I'm encountering an issue when using the > tag. Even though the tag is present like this > > jsp > <%%> > I’m getting the following warning or error: > > The s:form tag declares that it accepts dynamic attr

Re: Issue in Struts 7.0.0 with tag

Please help us in this issue On Wed, 16 Apr, 2025, 10:17 pm Tellis, Wyatt, wrote: > I see similar warnings when using NetBeans to edit JSPs that contain > Struts tags. However, these JSPs seem to compile just fine. Does anyone > know what causes these warning messages? > > Wyatt > _

Re: Issue in Struts 7.0.0 with tag

I see similar warnings when using NetBeans to edit JSPs that contain Struts tags. However, these JSPs seem to compile just fine. Does anyone know what causes these warning messages? Wyatt From: shankar sawate Sent: Monday, April 14, 2025 11:39 PM To: user@strut

RE: Request for Assistance with OWASP ZAP Vulnerabilities in Struts-Based Java Web Application

Hi, Note that Struts 7 has a built-in CSP header interceptor that also has support for cryptographic nonces in JavaScript tags. They may have interceptors for these other missing headers as well, but I’m not sure. More information can be found in the documentation. Regards, Nate From: Shivam

Re: Request for Assistance with OWASP ZAP Vulnerabilities in Struts-Based Java Web Application

Hi, The application is currently showing the following security vulnerabilities: Content security Policy (CSP) Header not set (3 instances)- GET: http://localhost:8080/favicon.ico GET: http://localhost:8080/favicon.test GET: http://localhost:8080/favicon.test\ Missing Anti-clickjackin

Re: Request for Assistance with OWASP ZAP Vulnerabilities in Struts-Based Java Web Application

śr., 16 kwi 2025 o 07:30 Shivam Agrahari napisał(a): > Could you please advise on how to resolve these issues? For your reference, I > have attached the WAR file of the test project along with a few relevant > pages. The best option is to read through OWASP recommendations PDFs and apply them o

Re: Request for Assistance with OWASP ZAP Vulnerabilities in Struts-Based Java Web Application

You neglected to mention what the problems were. em: davelnew...@gmail.com mo: 908-380-8699 gh: davelnewton so: Dave Newton On Wed, Apr 16, 2025 at 01:30 Shivam Agrahari wrote: > Hi, > > I am currently develo