Folks, when researching on OGNL i found this link: https://cwiki.apache.org/confluence/display/S2WIKI/OGNL+replacement
In 2008 Brian mentioned "Security risks keep appearing" along with OGNL and collected the places where we use OGNL. Given the recent events I thought it might be good to bring this up again. Please also note, I have helped with OGNLs incubation and I am also touchign it over in Commons land. My impression is OGNL is not easy to understand and there is not really much interest from other people to develop on it. Looking at this list I feel OGNL is pretty much tied to Struts. On the other hand we could start to slowly decouple the two. Not sure what we should use otherwise. Any feelings on that? --------------------------------------------------------------------- To unsubscribe, e-mail: dev-unsubscr...@struts.apache.org For additional commands, e-mail: dev-h...@struts.apache.org
