I just have found that Struts 2.1.8 escapes messages, so instead of message (in browser) like: User with email u...@example.com registered successfully.
now I get this one: User with email <strong>u...@example.com</strong> registered successfully. In first example I used to escape only the inserted parameter "email". I am not against automatic escaping of messages. It's good for security. But I am wonder, how to use expected HTML markup into messages? Maybe you have any another design solution? P.S. The downside of upgrades. -- View this message in context: http://www.nabble.com/Struts-2.1.8%3A-Do-we-need-to-escape-messages--tp25922882p25922882.html Sent from the Struts - User mailing list archive at Nabble.com.
