2016-11-16 11:53 GMT+01:00 Greg Huber <gregh3...@gmail.com>:
> Sounds like a good idea and plug the whole lot in one go.
>
> tomcat 8 is JSP 2.3 and EL 3.0.
>
>
> ######
>
> checking ${parameters.get('error')}
>
> uses org.apache.struts2.dispatcher.Parameter. If I debug the class it is.
> toStringArray() does the conversion to the string, maybe escape here?
>
> strValues[i] = StringEscapeUtils.escapeHtml4(String.valueOf(v));
I think it's because of toString() implementation but this should be
ok to escape in toString(), let me check that.
Regards
--
Ćukasz
+ 48 606 323 122 http://www.lenart.org.pl/
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscr...@struts.apache.org
For additional commands, e-mail: dev-h...@struts.apache.org
