It's so good to hear it. :) On 11 May 2011 18:42, Sarr, Nathan <[email protected]> wrote: > I did a quick test and it appeared to work correctly. > > -Nate > > -----Original Message----- > From: Maurizio Cucchiara [mailto:[email protected]] > Sent: Wednesday, May 11, 2011 12:37 PM > To: Struts Users Mailing List > Subject: Re: XSS Vulnerability in Struts 2 before 2.2.3 > > I did not checked before, but I bet it works (Please Let us know if it > doesn't). > > > On 11 May 2011 16:47, Sarr, Nathan <[email protected]> wrote: >> Hello, >> >> >> >> I noticed the solution mentions turning off DMI support in >> struts.xml. Would the same result be achieved by setting it in the >> struts.properties file: >> >> >> >> # don't allow dynamic method invocation >> >> struts.enable.DynamicMethodInvocation = false >> >> >> >> Thanks, >> >> -Nate >> >> >> >> > > > > -- > Maurizio Cucchiara > > --------------------------------------------------------------------- > To unsubscribe, e-mail: [email protected] > For additional commands, e-mail: [email protected] > > > --------------------------------------------------------------------- > To unsubscribe, e-mail: [email protected] > For additional commands, e-mail: [email protected] > >
-- Maurizio Cucchiara --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
