Excludes ActionContext from Ognl evaluation
Project: http://git-wip-us.apache.org/repos/asf/struts/repo Commit: http://git-wip-us.apache.org/repos/asf/struts/commit/bbcc6014 Tree: http://git-wip-us.apache.org/repos/asf/struts/tree/bbcc6014 Diff: http://git-wip-us.apache.org/repos/asf/struts/diff/bbcc6014 Branch: refs/heads/develop Commit: bbcc6014f61e4d751114051605e8041474e5b496 Parents: eb8aae8 Author: Lukasz Lenart <lukaszlen...@apache.org> Authored: Thu Jun 5 08:25:44 2014 +0200 Committer: Lukasz Lenart <lukaszlen...@apache.org> Committed: Thu Jun 5 08:25:44 2014 +0200 ---------------------------------------------------------------------- core/src/main/resources/struts-default.xml | 10 +++++++++- 1 file changed, 9 insertions(+), 1 deletion(-) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/struts/blob/bbcc6014/core/src/main/resources/struts-default.xml ---------------------------------------------------------------------- diff --git a/core/src/main/resources/struts-default.xml b/core/src/main/resources/struts-default.xml index 0fe8e68..49eba90 100644 --- a/core/src/main/resources/struts-default.xml +++ b/core/src/main/resources/struts-default.xml @@ -38,7 +38,15 @@ <struts> - <constant name="struts.excludedClasses" value="java.lang.Object,java.lang.Runtime,ognl.OgnlContext,ognl.MemberAccess,ognl.ClassResolver,ognl.TypeConverter" /> + <constant name="struts.excludedClasses" + value=" + java.lang.Object, + java.lang.Runtime, + ognl.OgnlContext, + ognl.MemberAccess, + ognl.ClassResolver, + ognl.TypeConverter, + com.opensymphony.xwork2.ActionContext" /> <!-- this must be valid regex, each '.' in package name must be escaped! --> <constant name="struts.excludedPackageNamePatterns" value="^java\.lang.*,^ognl.*,^javax.*" />
