Bob, I see 2 problems. First, there should be a very clear explanation about this "struts-dangerous", telling the risk of use JSTL in struts tags. Also, I think the static calls by OGNL should be disabled, and maybe it represents a refactor anyway. The good point is that you can enable static access in struts.properties.
The second problem is keep feeding this pratice (use JSTL EL). But I have to say that having this package is would avoid a lot of explanation in old struts2 apps. Felipe Bob Tiernay wrote: > > > I also recall an email sent on this prior, where a decussion about 2 tlds > was brewing. Whatever happened with that? > > With each new struts release, I need to extract the tld and update it. > Now, it's not so bad if it's just little old me, but what about everyone > else who has to do the same? Seems like a lot of wasted time and effort > if you as me. > > If adding a jstl enabled tld is because it's "dangerous" with ognl > expression use, then make the uri: "struts-dangerous"! If it's because > there is a process issue, lets discuss :) > > Bob > >> Date: Wed, 5 Mar 2008 15:42:28 -0800 >> From: [EMAIL PROTECTED] >> To: dev@struts.apache.org >> Subject: Re: Issue WW-2107 question - Is JSTL disable or not? >> >> >> Well, >> >> It is a question about a Jira Issue. That`s why I asked in the developers >> maillist. >> >> By the way, thanks for the answer. >> >> >> Felipe >> > > _________________________________________________________________ > > > --------------------------------------------------------------------- > To unsubscribe, e-mail: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] > > > -- View this message in context: http://www.nabble.com/Issue-WW-2107-question---Is-JSTL-disable-or-not--tp15830208p15872871.html Sent from the Struts - Dev mailing list archive at Nabble.com. --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
