Went through this release and tested it, seems good to be released. Are there other issues?
Cheers Greg On 3 October 2014 07:49, Lukasz Lenart <lukaszlen...@apache.org> wrote: > 2014-09-30 9:09 GMT+02:00 Lukasz Lenart <lukaszlen...@apache.org>: > > Added a note to docs (I thought there was one already) - in your case > > the problem is with a constructor, its target is evaluated to > > java.lang.Class which is on the excluded list of classes. > > > > > https://cwiki.apache.org/confluence/display/WW/Security#Security-Internalsecuritymechanism > > I have extended the description as there is one more case in which > application can blow up :-) > > > https://cwiki.apache.org/confluence/display/WW/Security#Security-OGNLisusedtocallaction'smethods > > > Regards > -- > Ćukasz > + 48 606 323 122 http://www.lenart.org.pl/ > > --------------------------------------------------------------------- > To unsubscribe, e-mail: dev-unsubscr...@struts.apache.org > For additional commands, e-mail: dev-h...@struts.apache.org > >
