Hi. >> Is a Struts 2.3.x system using the Dojo plugin vulnerable to [...] >> security issues, or have they been fixed somehow?
Am 06.10.2014 um 16:10 schrieb Dave Newton: > I'd add that since the plugin has been deprecated since S2.1 it's unlikely > anything was ever done to deal with it. > > Lukasz Lenart <lukaszlen...@apache.org> wrote: > Probably it's a vulnerable version - I don't know if the plugin's > author did something special to build initial Dojo JS lib Many thanks for the quick answers to the both of you. This is what I have been expecting, too, especially since I haven't been able to find any hints regarding a potential fix or workaround despite a rather lengthy search. Looks like the best option is to strip the Dojo plugin / to replace the functionality by jQuery or some other library. Thanks again, Markus --------------------------------------------------------------------- To unsubscribe, e-mail: user-unsubscr...@struts.apache.org For additional commands, e-mail: user-h...@struts.apache.org
