[ https://issues.apache.org/jira/browse/WW-5353?focusedWorklogId=916167&page=com.atlassian.jira.plugin.system.issuetabpanels:worklog-tabpanel#worklog-916167 ]
ASF GitHub Bot logged work on WW-5353: -------------------------------------- Author: ASF GitHub Bot Created on: 24/Apr/24 12:33 Start Date: 24/Apr/24 12:33 Worklog Time Spent: 10m Work Description: kusalk merged PR #919: URL: https://github.com/apache/struts/pull/919 Issue Time Tracking ------------------- Worklog Id: (was: 916167) Time Spent: 50m (was: 40m) > Implement stronger security defaults in Struts 7.0 > -------------------------------------------------- > > Key: WW-5353 > URL: https://issues.apache.org/jira/browse/WW-5353 > Project: Struts 2 > Issue Type: Improvement > Reporter: Kusal Kithul-Godage > Priority: Major > Fix For: 7.0.0 > > Time Spent: 50m > Remaining Estimate: 0h > > {{struts.ognl.allowStaticFieldAccess=false}} > {{struts.ognl.excludedNodeTypes=<TBA>}} > {{struts.ognl.expressionMaxLength=150}} > {{struts.disallowDefaultPackageAccess=true}} > {{struts.disallowProxyMemberAccess=true}} > {{struts.parameters.requireAnnotations=true}} > {{struts.ognl.disallowCustomOgnlMap=true}} > {{struts.allowlist.enable=true}} -- This message was sent by Atlassian Jira (v8.20.10#820010)