[jira] [Created] (WW-4728) JSONValidationInterceptor change ststic parameters names

Alireza Fattahi (JIRA) Tue, 20 Dec 2016 21:14:43 -0800

Alireza Fattahi created WW-4728:
-----------------------------------

             Summary: JSONValidationInterceptor change ststic parameters names
                 Key: WW-4728
                 URL: https://issues.apache.org/jira/browse/WW-4728
             Project: Struts 2
          Issue Type: Bug
          Components: Plugin - JSON
            Reporter: Alireza Fattahi



For security reasons I want to not reveal that we are using struts2 in our 
site. But the hackers can find it if they see the hidden parameters in the 
request.

Is it possible to make below parameters configurable ( For example in 
struts.xml)

````
public static final String VALIDATE_ONLY_PARAM = "struts.validateOnly";
    public static final String VALIDATE_JSON_PARAM = 
"struts.enableJSONValidation";
    public static final String NO_ENCODING_SET_PARAM = 
"struts.JSONValidation.no.encoding";




--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

[jira] [Created] (WW-4728) JSONValidationInterceptor change ststic parameters names

Reply via email to