This is a two-part question.
I am presently integrating internationalized UTF-8 resource bundles that
contain multi-byte characters. I am familiar with the pre-JDK 6 constraints
of UTF-8 resource bundles – either implement your own loader or convert the
bundles to Unicode.
First Question. Is
tags and verified we don’t use
the text tag anywhere.
No issues with SQL injection as we’ve been using prepared statements in
Hibernate from day one.
Thanks all!
Brad A Cupit wrote:
>
> From: egetchell [mailto:[EMAIL PROTECTED]
> Sent: Wednesday, October 08, 2008 11:56 AM
>>
would seem
to handcuff you when implementing a boundary solution as the should not know
how the piece of data is being used.
Jishnu Viswanath wrote:
>
> Hey egetchell,
> Don't know weather that's your name but any way.
> I don't know this is the s
That’s an interesting approach you guys are proposing.
I did a quick proof of concept where I coded an Interceptor that uses the
Apache Commons StringEscapeUtils.escapeHtml function to update all incoming
parameter values. This seems to implement what you guys suggested.
What is your approa
Greg,
Thanks for the reply.
The common approach for mitigating XSS is to provide a blacklist of XSS
enabling characters, enables would include "<", ">", "%3f", etc. However,
these filters are easily bypassed by clever encoding constructs, so the
blacklist concept quickly fails and the site is o
All,
I am one of the architects behind a multi-language site using Struts 2. To
mitigate XSS exposure, defining a whitelist of allowable characters is the
normal approach, but seems to become a non-trivial exercise when supporting
multiple languages (we will be supporting 15). My understanding
I just re-read my post and noticed that the Struts configuration for the
testB action somehow got mangled. The correct configuration for TestB is
testA
display
--
View this message in context:
http://www.nabble.com/Struts-2%3A-Action-chaining-behaving-differently-when-validatio
All,
I’m experiencing some interesting behavior when forwarding via action
chaining as a result of input validation.
In a non-error situation, action chaining works as expected – that is the
service method of the chained action is invoked as expected. However, what
I am noticing is that when a
Thanks all for the information. Since it seems that a few others out there
had similar questions, I’ll add to this post for future reference.
Like the Action examples, as long as the get...() property on the parent
class is properly annotated with the VisitorFieldValidator, the annotations
corre
Hello,
Does anyone have an idea how to invoke validation annotations on nested
objects?
We’re using hierarchal objects in Struts 2.1 and the validation annotations
do not seem to be firing on the child objects.
For example I have a Customer object which has an Address object as an
attribute. A
10 matches
Mail list logo
