Re: Struts missing parameters

2014-08-08 Thread Lukasz Lenart
2014-08-07 22:58 GMT+02:00 Luis Limas : > Thanks again for the reply Lukasz, this is the full hierarchy used at JSON > in the 1st mail: > > * 1st level : http://codeviewer.org/view/code:4279 > * 2nd level : http://codeviewer.org/view/code:427a > * 3rd level (issue) : http://codeviewer.org/view/c

Re: Struts missing parameters

2014-08-08 Thread Luis Limas
On 08/08/2014 02:18 a. m., Lukasz Lenart wrote: 2014-08-07 22:58 GMT+02:00 Luis Limas : Thanks again for the reply Lukasz, this is the full hierarchy used at JSON in the 1st mail: * 1st level : http://codeviewer.org/view/code:4279 * 2nd level : http://codeviewer.org/view/code:427a * 3rd l

Re: Struts missing parameters

2014-08-08 Thread Lukasz Lenart
2014-08-08 17:38 GMT+02:00 Luis Limas : > Thanks again for the reply Lukasz, you misunderstood me, I'm not doing > serialize/deserialize my entities for any logic, the deserialize instruction > is being called inside struts (Project: Struts 2 JSON Plugin, > JSONInterceptor.java : 123) when parsing J

Re: Risk by allowing application* params

2014-08-08 Thread Lukasz Lenart
2014-08-07 11:43 GMT+02:00 Fabian Richter : > Hey, > > we are wondering why struts params interceptor excludes > > ^application\..* > > as a parameter? > > To what kind of vulnerabilities would we open our applications if we allow > parameters starting with application to be set by struts? It's t

Re: Struts missing parameters

2014-08-08 Thread Luis Limas
On 08/08/2014 02:24 p. m., Lukasz Lenart wrote: 2014-08-08 17:38 GMT+02:00 Luis Limas : Thanks again for the reply Lukasz, you misunderstood me, I'm not doing serialize/deserialize my entities for any logic, the deserialize instruction is being called inside struts (Project: Struts 2 JSON Plugin,