wt., 18 lut 2020 o 17:04 M Huzaifah <mhuzaifah.i...@gmail.com> napisał(a): > Thank you Lucas, my goal is render the struts tag based on list of column > name that i've set before. So i have to iterate the list of column using > jstl than put the "name" on attribut name in struts tag. From here, i > think i miss understanding about struts tag. I use struts 2.5x that not > support for expressions anymore.
Wait, what? Struts tags do not support expressions? Where did you find such information? Did you read that? https://struts.apache.org/tag-developers/tag-syntax.html (improved version I'm working on right now https://struts.staged.apache.org/tag-developers/tag-syntax.html) Also Struts tags are using our internal mechanism which prevents evaluating malicious expressions, in case of using JSTL you don't have such control and as those tags are out of Struts control you can mistakenly inject a malicious code https://struts.apache.org/security/#internal-security-mechanism Also using JSTL and Struts tags in the same JSP is like using Java and Kotlin to write the same code. Anyway, Bad Idea. Regards -- Łukasz + 48 606 323 122 http://www.lenart.org.pl/ --------------------------------------------------------------------- To unsubscribe, e-mail: user-unsubscr...@struts.apache.org For additional commands, e-mail: user-h...@struts.apache.org
