This is an automated email from the ASF dual-hosted git repository.

git-site-role pushed a commit to branch asf-staging
in repository https://gitbox.apache.org/repos/asf/struts-site.git

The following commit(s) were added to refs/heads/asf-staging by this push:
     new 2241a52c0 Updates stage by Jenkins
2241a52c0 is described below

commit 2241a52c0191763af1fa5d45cd4b83bcba426d9e
Author: jenkins <bui...@apache.org>
AuthorDate: Tue Jan 2 08:49:22 2024 +0000

    Updates stage by Jenkins
---
 content/security/index.html | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/content/security/index.html b/content/security/index.html
index 6161c56ea..477442f7b 100644
--- a/content/security/index.html
+++ b/content/security/index.html
@@ -483,7 +483,9 @@ below) offers much stronger protection. However, for the 
strongest level of prot
 to the ActionContext from OGNL expressions entirely.</p>
 
 <p>Note that before disabling access to the ActionContext from OGNL 
expressions, you should ensure that your application
-does not rely on this capability. As of Struts 6.4.0, the Set and Action 
Struts components require this capability.</p>
+does not rely on this capability. OGNL expressions may access the context 
directly using the <code class="language-plaintext highlighter-rouge">#</code> 
operator, or indirectly
+using the OgnlValueStack’s fallback to context lookup capability. As of Struts 
6.4.0, the Set and Action Struts
+components require ActionContext access from OGNL expressions.</p>
 
 <p>To disable access to the ActionContext from OGNL expressions, set the 
following constants in your <code class="language-plaintext 
highlighter-rouge">struts.xml</code> or
 <code class="language-plaintext highlighter-rouge">struts.properties</code> 
file. Please also refer to the documentation below for further details on these 
configuration

Reply via email to