[
https://issues.apache.org/jira/browse/WW-4073?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13678851#comment-13678851
]
Maurizio Cucchiara commented on WW-4073:
----------------------------------------
Hi [~johno],
the patch is good for me and well justified, what don't fully convinced me is
the name of the constant "disableJstlAccessibility". Actually, your patch
disables the ValueStack lookup of the request attributes.
> Disable eval expressions and simple JSTL accessibility
> ------------------------------------------------------
>
> Key: WW-4073
> URL: https://issues.apache.org/jira/browse/WW-4073
> Project: Struts 2
> Issue Type: New Feature
> Affects Versions: 2.3.14
> Reporter: Johno Crawford
> Fix For: 2.3.15
>
> Attachments: disable_simple_jstl_accessibility.patch,
> StrutsRequestWrapperDisablingInterceptor.java
>
>
> afaik the simple JSTL accessibility is used only in jsp. Currently we have a
> hacky interceptor to disable it (see attached), would be nice if it were an
> option.
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira
