Vote passed with results:
+1 GA (binding) x3
+1 GA (non-binding) x1
Thanks!
--
Ćukasz
+ 48 606 323 122 http://www.lenart.org.pl/
2014-05-03 12:22 GMT+02:00 Greg Huber gregh3...@gmail.com:
If I add
s:param name=class value=pager.pageNumber /
to a link as a parameter and then click the link
.explains it more here http://www.kb.cert.org/vuls/id/719225 it does
exclude Class.getClassLoader().
s:param name=Class.getClassLoader() value=pager.pageNumber /
On 4 May 2014 10:09, Lukasz Lenart lukaszlen...@apache.org wrote:
Vote passed with results:
+1 GA (binding) x3
+1 GA
+1
Markus
Am 03.05.2014 05:41, schrieb Paul Benedict:
+1
Cheers,
Paul
On Fri, May 2, 2014 at 4:16 PM, Don Brown mr...@apache.org wrote:
+1
On Fri, May 2, 2014 at 1:58 PM, Dave Newton davelnew...@gmail.com wrote:
+1
On May 2, 2014 3:52 PM, Lukasz Lenart lukaszlen...@apache.org wrote:
If I add
s:param name=class value=pager.pageNumber /
to a link as a parameter and then click the link I do not get a
notifyDeveloper from ParametersInterceptor
if (!this.excludeParams.isEmpty()) {
for (Pattern pattern : excludeParams) {
System.out.println(pattern);
The Struts 2.3.16.3 test build is now available. It includes the
latest security patch which fixes one possible vulnerabilities:
- Extends excluded params in CookieInterceptor to avoid manipulation
of Struts' internals
For details and the rationale behind these changes, please consult the
+1
On May 2, 2014 3:52 PM, Lukasz Lenart lukaszlen...@apache.org wrote:
The Struts 2.3.16.3 test build is now available. It includes the
latest security patch which fixes one possible vulnerabilities:
- Extends excluded params in CookieInterceptor to avoid manipulation
of Struts' internals
+1
On Fri, May 2, 2014 at 1:58 PM, Dave Newton davelnew...@gmail.com wrote:
+1
On May 2, 2014 3:52 PM, Lukasz Lenart lukaszlen...@apache.org wrote:
The Struts 2.3.16.3 test build is now available. It includes the
latest security patch which fixes one possible vulnerabilities:
- Extends
+1
Cheers,
Paul
On Fri, May 2, 2014 at 4:16 PM, Don Brown mr...@apache.org wrote:
+1
On Fri, May 2, 2014 at 1:58 PM, Dave Newton davelnew...@gmail.com wrote:
+1
On May 2, 2014 3:52 PM, Lukasz Lenart lukaszlen...@apache.org wrote:
The Struts 2.3.16.3 test build is now available.