On Tue, Jan 3, 2017 at 4:15 PM, Christoph Rüger <c.rue...@synesty.com> wrote:
> +1 > > watch out for security / template injection attacks: e.g. see > http://blog.portswigger.net/2015/08/server-side-template-injection.html > > set > > configuration.setNewBuiltinClassResolver(TemplateClassResolver. > ALLOWS_NOTHING_RESOLVER); > > Thank you Christoph, much appreciated. And many thanks for filing the ICLA for FreeMarker (we have received it yesterday) and for your help to the project! Jacopo
