Hi Just after updating struts to 2.3.15.2, all of ours applications stop working. Some of ours applications uses struts-convention-plugin, so only url can be used to acces action's methods.
We are using a lot of url with "!input" methods, especially to manage form input and form validation. "S2-019 - Dynamic Method Invocation disabled by default", seems to be a big security issue. So, is it safe to re-enable back DMI to true ? If not, how is it possible to not use DMI ? Redards. Eric. -- Éric Chatellier - Code Lutin Tel: 02.40.50.29.28 - http://www.codelutin.com --------------------------------------------------------------------- To unsubscribe, e-mail: user-unsubscr...@struts.apache.org For additional commands, e-mail: user-h...@struts.apache.org
