This is an automated email from the ASF dual-hosted git repository.
git-site-role pushed a commit to branch asf-staging
in repository https://gitbox.apache.org/repos/asf/struts-site.git
The following commit(s) were added to refs/heads/asf-staging by this push:
new b153af33c Updates stage by Jenkins
b153af33c is described below
commit b153af33c3b840c98fa0d3a0c84a93d56627f057
Author: jenkins <bui...@apache.org>
AuthorDate: Wed Dec 11 06:48:10 2024 +0000
Updates stage by Jenkins
---
content/announce-2024.html | 18 ++++
content/core-developers/default-properties.html | 41 ++++++---
content/core-developers/interceptors.html | 39 +++------
content/core-developers/struts-default-xml.html | 39 +++------
content/core-developers/validation.html | 47 +---------
content/index.html | 11 ++-
content/releases.html | 11 +++
content/tag-developers/css-xhtml-theme.html | 78 ++++++++---------
content/tag-developers/simple-theme.html | 2 +-
content/tag-developers/xhtml-theme.html | 110 ++++++++++++------------
10 files changed, 190 insertions(+), 206 deletions(-)
diff --git a/content/announce-2024.html b/content/announce-2024.html
index 612e32dd4..4ffe576c2 100644
--- a/content/announce-2024.html
+++ b/content/announce-2024.html
@@ -156,6 +156,24 @@
Skip to: <a href="announce-2023">Announcements - 2023</a>
</p>
+<h4 id="a20241210">10 December 2024 - CVE-2024-53677 File upload logic is
flawed</h4>
+
+<p>The Apache Struts group recommends upgrading to Apache Struts version 6.4.0
at least and migrating to
+the <a href="core-developers/action-file-upload">new file upload</a> mechanism
to mitigate potential security
+vulnerability when using deprecated <a
href="core-developers/file-upload-interceptor">FileUploadInterceptor</a>.</p>
+
+<blockquote>
+ <p>Please read the Security Bulletin <a
href="https://cwiki.apache.org/confluence/display/WW/S2-067";>S2-067</a> to find
more
+details about this security vulnerability</p>
+</blockquote>
+
+<p><strong>All developers are strongly advised to perform this
upgrade.</strong></p>
+
+<p>Should any issues arise with your use of any version of the Struts
framework, please post your comments to the user list,
+and, if appropriate, file <a
href="https://issues.apache.org/jira/projects/WW/";>a tracking ticket</a>.</p>
+
+<p>You can download the latest version from our <a
href="download.cgi#struts-ga">download</a> page.</p>
+
<h4 id="a20241117">17 November 2024 - Apache Struts version 6.7.0 General
Availability</h4>
<p>The Apache Struts group is pleased to announce that Apache Struts version
6.6.7 is available as a “General Availability”
diff --git a/content/core-developers/default-properties.html
b/content/core-developers/default-properties.html
index 3275d3d4e..d2ad07855 100644
--- a/content/core-developers/default-properties.html
+++ b/content/core-developers/default-properties.html
@@ -193,7 +193,7 @@ struts.i18n.encoding=UTF-8
### if specified, the default object factory can be overridden here
### Note: short-hand notation is supported in some cases, such as "spring"
-### Alternatively, you can provide a
com.opensymphony.xwork2.ObjectFactory subclass name here
+### Alternatively, you can provide a org.apache.struts2.ObjectFactory
subclass name here
# struts.objectFactory = spring
### specifies the autoWiring logic when using the SpringObjectFactory.
@@ -217,9 +217,9 @@ struts.objectFactory.spring.enableAopSupport = false
### if specified, the default object type determiner can be overridden here
### Note: short-hand notation is supported in some cases, such as "tiger" or
"notiger"
-### Alternatively, you can provide a
com.opensymphony.xwork2.util.ObjectTypeDeterminer implementation name here
-### Note: By default, com.opensymphony.xwork2.util.DefaultObjectTypeDeterminer
is used which handles type detection
-### using generics.
com.opensymphony.xwork2.util.GenericsObjectTypeDeterminer was deprecated since
XWork 2, it's
+### Alternatively, you can provide a
org.apache.struts2.util.ObjectTypeDeterminer implementation name here
+### Note: By default, org.apache.struts2.util.DefaultObjectTypeDeterminer is
used which handles type detection
+### using generics. org.apache.struts2.util.GenericsObjectTypeDeterminer
was deprecated since XWork 2, it's
### functions are integrated in DefaultObjectTypeDeterminer now.
### To disable tiger support use the "notiger" property value here.
# struts.objectTypeDeterminer = tiger
@@ -227,10 +227,9 @@ struts.objectFactory.spring.enableAopSupport = false
### Parser to handle HTTP POST requests, encoded using the MIME-type
multipart/form-data
# struts.multipart.parser=cos
-# struts.multipart.parser=pell
# struts.multipart.parser=jakarta-stream
struts.multipart.parser=jakarta
-### Uses javax.servlet.context.tempdir by default
+### Uses jakarta.servlet.context.tempdir by default
struts.multipart.saveDir=
struts.multipart.maxSize=2097152
struts.multipart.maxFiles=256
@@ -378,13 +377,33 @@ struts.freemarker.mru.max.strong.size=0
struts.xslt.nocache=false
### Whether to always select the namespace to be everything before the last
slash or not
-struts.mapper.alwaysSelectFullNamespace=false
+struts.mapper.alwaysSelectFullNamespace=true
### Whether to fallback to empty namespace when request namespace does not
match any in configuration
-struts.actionConfig.fallbackToEmptyNamespace=true
-
-### Whether to allow static field access in OGNL expressions or not
-struts.ognl.allowStaticFieldAccess=true
+struts.actionConfig.fallbackToEmptyNamespace=false
+
+### Whether to allow static field access in OGNL expressions, not recommended!
+struts.ognl.allowStaticFieldAccess=false
+
+### Whether OGNL can access these types of classes, not recommended!
+struts.disallowDefaultPackageAccess=true
+struts.disallowProxyObjectAccess=true
+
+### Whether OGNL can instantiate arbitrary map classes, not recommended!
+struts.ognl.disallowCustomOgnlMap=true
+
+### OGNL context access, highly recommended to uncomment if context access
from expressions not needed!
+# struts.ognl.valueStackFallbackToContext=false
+#
struts.ognl.excludedNodeTypes=ognl.ASTRootVarRef,ognl.ASTThisVarRef,ognl.ASTVarRef
+
+### Whether to enable OGNL allowlist, protects against critical
vulnerabilities, strongly recommended to keep enabled!
+struts.allowlist.enable=true
+### Whether to require @StrutsParameter annotations on Action parameter
injection methods
+### Synergizes with OGNL allowlist, strongly recommended to keep enabled!
+struts.parameters.requireAnnotations=true
+### Whether to drop @StrutsParameter annotation requirement on simple setter
methods
+### Useful for transitioning legacy applications, but highly recommended to
set to false as soon as possible!
+struts.parameters.requireAnnotations.transitionMode=false
### Whether to throw a RuntimeException when a property is not found
### in an expression, or when the expression evaluation fails
diff --git a/content/core-developers/interceptors.html
b/content/core-developers/interceptors.html
index 53b5a9932..4946191c7 100644
--- a/content/core-developers/interceptors.html
+++ b/content/core-developers/interceptors.html
@@ -283,7 +283,7 @@ than reiterate the same list of Interceptors, we can bundle
these Interceptors t
<span class="nt"><package</span> <span class="na">name=</span><span
class="s">"struts-default"</span> <span class="na">abstract=</span><span
class="s">"true"</span><span class="nt">></span>
<span class="nt"><result-types></span>
- <span class="nt"><result-type</span> <span
class="na">name=</span><span class="s">"chain"</span> <span
class="na">class=</span><span
class="s">"com.opensymphony.xwork2.ActionChainResult"</span><span
class="nt">/></span>
+ <span class="nt"><result-type</span> <span
class="na">name=</span><span class="s">"chain"</span> <span
class="na">class=</span><span
class="s">"org.apache.struts2.result.ActionChainResult"</span><span
class="nt">/></span>
<span class="nt"><result-type</span> <span
class="na">name=</span><span class="s">"dispatcher"</span> <span
class="na">class=</span><span
class="s">"org.apache.struts2.result.ServletDispatcherResult"</span> <span
class="na">default=</span><span class="s">"true"</span><span
class="nt">/></span>
<span class="nt"><result-type</span> <span
class="na">name=</span><span class="s">"freemarker"</span> <span
class="na">class=</span><span
class="s">"org.apache.struts2.views.freemarker.FreemarkerResult"</span><span
class="nt">/></span>
<span class="nt"><result-type</span> <span
class="na">name=</span><span class="s">"httpheader"</span> <span
class="na">class=</span><span
class="s">"org.apache.struts2.result.HttpHeaderResult"</span><span
class="nt">/></span>
@@ -295,8 +295,8 @@ than reiterate the same list of Interceptors, we can bundle
these Interceptors t
<span class="nt"></result-types></span>
<span class="nt"><interceptors></span>
- <span class="nt"><interceptor</span> <span
class="na">name=</span><span class="s">"alias"</span> <span
class="na">class=</span><span
class="s">"com.opensymphony.xwork2.interceptor.AliasInterceptor"</span><span
class="nt">/></span>
- <span class="nt"><interceptor</span> <span
class="na">name=</span><span class="s">"chain"</span> <span
class="na">class=</span><span
class="s">"com.opensymphony.xwork2.interceptor.ChainingInterceptor"</span><span
class="nt">/></span>
+ <span class="nt"><interceptor</span> <span
class="na">name=</span><span class="s">"alias"</span> <span
class="na">class=</span><span
class="s">"org.apache.struts2.interceptor.AliasInterceptor"</span><span
class="nt">/></span>
+ <span class="nt"><interceptor</span> <span
class="na">name=</span><span class="s">"chain"</span> <span
class="na">class=</span><span
class="s">"org.apache.struts2.interceptor.ChainingInterceptor"</span><span
class="nt">/></span>
<span class="nt"><interceptor</span> <span
class="na">name=</span><span class="s">"coep"</span> <span
class="na">class=</span><span
class="s">"org.apache.struts2.interceptor.CoepInterceptor"</span><span
class="nt">/></span>
<span class="nt"><interceptor</span> <span
class="na">name=</span><span class="s">"conversionError"</span>
<span class="na">class=</span><span
class="s">"org.apache.struts2.interceptor.StrutsConversionErrorInterceptor"</span><span
class="nt">/></span>
@@ -308,35 +308,32 @@ than reiterate the same list of Interceptors, we can
bundle these Interceptors t
<span class="nt"><interceptor</span> <span
class="na">name=</span><span class="s">"csp"</span> <span
class="na">class=</span><span
class="s">"org.apache.struts2.interceptor.csp.CspInterceptor"</span><span
class="nt">/></span>
<span class="nt"><interceptor</span> <span
class="na">name=</span><span class="s">"debugging"</span> <span
class="na">class=</span><span
class="s">"org.apache.struts2.interceptor.debugging.DebuggingInterceptor"</span><span
class="nt">/></span>
<span class="nt"><interceptor</span> <span
class="na">name=</span><span class="s">"execAndWait"</span> <span
class="na">class=</span><span
class="s">"org.apache.struts2.interceptor.ExecuteAndWaitInterceptor"</span><span
class="nt">/></span>
- <span class="nt"><interceptor</span> <span
class="na">name=</span><span class="s">"exception"</span> <span
class="na">class=</span><span
class="s">"com.opensymphony.xwork2.interceptor.ExceptionMappingInterceptor"</span><span
class="nt">/></span>
- <span class="nt"><interceptor</span> <span
class="na">name=</span><span class="s">"fileUpload"</span> <span
class="na">class=</span><span
class="s">"org.apache.struts2.interceptor.FileUploadInterceptor"</span><span
class="nt">/></span>
+ <span class="nt"><interceptor</span> <span
class="na">name=</span><span class="s">"exception"</span> <span
class="na">class=</span><span
class="s">"org.apache.struts2.interceptor.ExceptionMappingInterceptor"</span><span
class="nt">/></span>
<span class="nt"><interceptor</span> <span
class="na">name=</span><span class="s">"actionFileUpload"</span> <span
class="na">class=</span><span
class="s">"org.apache.struts2.interceptor.ActionFileUploadInterceptor"</span><span
class="nt">/></span>
<span class="nt"><interceptor</span> <span
class="na">name=</span><span class="s">"i18n"</span> <span
class="na">class=</span><span
class="s">"org.apache.struts2.interceptor.I18nInterceptor"</span><span
class="nt">/></span>
- <span class="nt"><interceptor</span> <span
class="na">name=</span><span class="s">"logger"</span> <span
class="na">class=</span><span
class="s">"com.opensymphony.xwork2.interceptor.LoggingInterceptor"</span><span
class="nt">/></span>
- <span class="nt"><interceptor</span> <span
class="na">name=</span><span class="s">"modelDriven"</span> <span
class="na">class=</span><span
class="s">"com.opensymphony.xwork2.interceptor.ModelDrivenInterceptor"</span><span
class="nt">/></span>
+ <span class="nt"><interceptor</span> <span
class="na">name=</span><span class="s">"logger"</span> <span
class="na">class=</span><span
class="s">"org.apache.struts2.interceptor.LoggingInterceptor"</span><span
class="nt">/></span>
+ <span class="nt"><interceptor</span> <span
class="na">name=</span><span class="s">"modelDriven"</span> <span
class="na">class=</span><span
class="s">"org.apache.struts2.interceptor.ModelDrivenInterceptor"</span><span
class="nt">/></span>
<span class="nt"><interceptor</span> <span
class="na">name=</span><span class="s">"scopedModelDriven"</span>
- <span class="na">class=</span><span
class="s">"com.opensymphony.xwork2.interceptor.ScopedModelDrivenInterceptor"</span><span
class="nt">/></span>
- <span class="nt"><interceptor</span> <span
class="na">name=</span><span class="s">"params"</span> <span
class="na">class=</span><span
class="s">"com.opensymphony.xwork2.interceptor.ParametersInterceptor"</span><span
class="nt">/></span>
- <span class="nt"><interceptor</span> <span
class="na">name=</span><span class="s">"paramRemover"</span> <span
class="na">class=</span><span
class="s">"com.opensymphony.xwork2.interceptor.ParameterRemoverInterceptor"</span><span
class="nt">/></span>
+ <span class="na">class=</span><span
class="s">"org.apache.struts2.interceptor.ScopedModelDrivenInterceptor"</span><span
class="nt">/></span>
+ <span class="nt"><interceptor</span> <span
class="na">name=</span><span class="s">"params"</span> <span
class="na">class=</span><span
class="s">"org.apache.struts2.interceptor.parameter.ParametersInterceptor"</span><span
class="nt">/></span>
+ <span class="nt"><interceptor</span> <span
class="na">name=</span><span class="s">"paramRemover"</span> <span
class="na">class=</span><span
class="s">"org.apache.struts2.interceptor.ParameterRemoverInterceptor"</span><span
class="nt">/></span>
<span class="nt"><interceptor</span> <span
class="na">name=</span><span class="s">"actionMappingParams"</span>
<span class="na">class=</span><span
class="s">"org.apache.struts2.interceptor.ActionMappingParametersInterceptor"</span><span
class="nt">/></span>
- <span class="nt"><interceptor</span> <span
class="na">name=</span><span class="s">"prepare"</span> <span
class="na">class=</span><span
class="s">"com.opensymphony.xwork2.interceptor.PrepareInterceptor"</span><span
class="nt">/></span>
- <span class="nt"><interceptor</span> <span
class="na">name=</span><span class="s">"staticParams"</span> <span
class="na">class=</span><span
class="s">"com.opensymphony.xwork2.interceptor.StaticParametersInterceptor"</span><span
class="nt">/></span>
+ <span class="nt"><interceptor</span> <span
class="na">name=</span><span class="s">"prepare"</span> <span
class="na">class=</span><span
class="s">"org.apache.struts2.interceptor.PrepareInterceptor"</span><span
class="nt">/></span>
+ <span class="nt"><interceptor</span> <span
class="na">name=</span><span class="s">"staticParams"</span> <span
class="na">class=</span><span
class="s">"org.apache.struts2.interceptor.StaticParametersInterceptor"</span><span
class="nt">/></span>
<span class="nt"><interceptor</span> <span
class="na">name=</span><span class="s">"scope"</span> <span
class="na">class=</span><span
class="s">"org.apache.struts2.interceptor.ScopeInterceptor"</span><span
class="nt">/></span>
<span class="nt"><interceptor</span> <span
class="na">name=</span><span class="s">"servletConfig"</span> <span
class="na">class=</span><span
class="s">"org.apache.struts2.interceptor.ServletConfigInterceptor"</span><span
class="nt">/></span>
<span class="nt"><interceptor</span> <span
class="na">name=</span><span class="s">"token"</span> <span
class="na">class=</span><span
class="s">"org.apache.struts2.interceptor.TokenInterceptor"</span><span
class="nt">/></span>
<span class="nt"><interceptor</span> <span
class="na">name=</span><span class="s">"tokenSession"</span> <span
class="na">class=</span><span
class="s">"org.apache.struts2.interceptor.TokenSessionStoreInterceptor"</span><span
class="nt">/></span>
<span class="nt"><interceptor</span> <span
class="na">name=</span><span class="s">"validation"</span>
<span class="na">class=</span><span
class="s">"org.apache.struts2.interceptor.validation.AnnotationValidationInterceptor"</span><span
class="nt">/></span>
- <span class="nt"><interceptor</span> <span
class="na">name=</span><span class="s">"workflow"</span> <span
class="na">class=</span><span
class="s">"com.opensymphony.xwork2.interceptor.DefaultWorkflowInterceptor"</span><span
class="nt">/></span>
+ <span class="nt"><interceptor</span> <span
class="na">name=</span><span class="s">"workflow"</span> <span
class="na">class=</span><span
class="s">"org.apache.struts2.interceptor.DefaultWorkflowInterceptor"</span><span
class="nt">/></span>
<span class="nt"><interceptor</span> <span
class="na">name=</span><span class="s">"store"</span> <span
class="na">class=</span><span
class="s">"org.apache.struts2.interceptor.MessageStoreInterceptor"</span><span
class="nt">/></span>
<span class="nt"><interceptor</span> <span
class="na">name=</span><span class="s">"checkbox"</span> <span
class="na">class=</span><span
class="s">"org.apache.struts2.interceptor.CheckboxInterceptor"</span><span
class="nt">/></span>
<span class="nt"><interceptor</span> <span
class="na">name=</span><span class="s">"datetime"</span> <span
class="na">class=</span><span
class="s">"org.apache.struts2.interceptor.DateTextFieldInterceptor"</span><span
class="nt">/></span>
<span class="nt"><interceptor</span> <span
class="na">name=</span><span class="s">"roles"</span> <span
class="na">class=</span><span
class="s">"org.apache.struts2.interceptor.RolesInterceptor"</span><span
class="nt">/></span>
<span class="nt"><interceptor</span> <span
class="na">name=</span><span class="s">"annotationWorkflow"</span>
- <span class="na">class=</span><span
class="s">"com.opensymphony.xwork2.interceptor.annotations.AnnotationWorkflowInterceptor"</span><span
class="nt">/></span>
- <span class="nt"><interceptor</span> <span
class="na">name=</span><span class="s">"annotationParameterFilter"</span>
- <span class="na">class=</span><span
class="s">"com.opensymphony.xwork2.interceptor.annotations.AnnotationParameterFilterInterceptor"</span><span
class="nt">/></span>
+ <span class="na">class=</span><span
class="s">"org.apache.struts2.interceptor.annotations.AnnotationWorkflowInterceptor"</span><span
class="nt">/></span>
<span class="nt"><interceptor</span> <span
class="na">name=</span><span class="s">"multiselect"</span> <span
class="na">class=</span><span
class="s">"org.apache.struts2.interceptor.MultiselectInterceptor"</span><span
class="nt">/></span>
<span class="nt"><interceptor</span> <span
class="na">name=</span><span class="s">"noop"</span> <span
class="na">class=</span><span
class="s">"org.apache.struts2.interceptor.NoOpInterceptor"</span><span
class="nt">/></span>
<span class="nt"><interceptor</span> <span
class="na">name=</span><span class="s">"fetchMetadata"</span> <span
class="na">class=</span><span
class="s">"org.apache.struts2.interceptor.FetchMetadataInterceptor"</span><span
class="nt">/></span>
@@ -368,12 +365,6 @@ than reiterate the same list of Interceptors, we can
bundle these Interceptors t
<span class="nt"><interceptor-ref</span> <span
class="na">name=</span><span class="s">"workflow"</span><span
class="nt">/></span>
<span class="nt"></interceptor-stack></span>
- <span class="c"><!-- Sample file upload stack --></span>
- <span class="nt"><interceptor-stack</span> <span
class="na">name=</span><span class="s">"fileUploadStack"</span><span
class="nt">></span>
- <span class="nt"><interceptor-ref</span> <span
class="na">name=</span><span class="s">"fileUpload"</span><span
class="nt">/></span>
- <span class="nt"><interceptor-ref</span> <span
class="na">name=</span><span class="s">"basicStack"</span><span
class="nt">/></span>
- <span class="nt"></interceptor-stack></span>
-
<span class="c"><!-- Action based file upload stack
--></span>
<span class="nt"><interceptor-stack</span> <span
class="na">name=</span><span class="s">"actionFileUploadStack"</span><span
class="nt">></span>
<span class="nt"><interceptor-ref</span> <span
class="na">name=</span><span class="s">"actionFileUpload"</span><span
class="nt">/></span>
@@ -423,7 +414,6 @@ than reiterate the same list of Interceptors, we can bundle
these Interceptors t
<span class="nt"><interceptor-ref</span> <span
class="na">name=</span><span class="s">"prepare"</span><span
class="nt">/></span>
<span class="nt"><interceptor-ref</span> <span
class="na">name=</span><span class="s">"chain"</span><span
class="nt">/></span>
<span class="nt"><interceptor-ref</span> <span
class="na">name=</span><span class="s">"modelDriven"</span><span
class="nt">/></span>
- <span class="nt"><interceptor-ref</span> <span
class="na">name=</span><span class="s">"fileUpload"</span><span
class="nt">/></span>
<span class="nt"><interceptor-ref</span> <span
class="na">name=</span><span class="s">"actionFileUpload"</span><span
class="nt">/></span>
<span class="nt"><interceptor-ref</span> <span
class="na">name=</span><span class="s">"staticParams"</span><span
class="nt">/></span>
<span class="nt"><interceptor-ref</span> <span
class="na">name=</span><span class="s">"actionMappingParams"</span><span
class="nt">/></span>
@@ -462,7 +452,6 @@ than reiterate the same list of Interceptors, we can bundle
these Interceptors t
<span class="nt"><interceptor-ref</span> <span
class="na">name=</span><span class="s">"chain"</span><span
class="nt">/></span>
<span class="nt"><interceptor-ref</span> <span
class="na">name=</span><span class="s">"scopedModelDriven"</span><span
class="nt">/></span>
<span class="nt"><interceptor-ref</span> <span
class="na">name=</span><span class="s">"modelDriven"</span><span
class="nt">/></span>
- <span class="nt"><interceptor-ref</span> <span
class="na">name=</span><span class="s">"fileUpload"</span><span
class="nt">/></span>
<span class="nt"><interceptor-ref</span> <span
class="na">name=</span><span class="s">"actionFileUpload"</span><span
class="nt">/></span>
<span class="nt"><interceptor-ref</span> <span
class="na">name=</span><span class="s">"checkbox"</span><span
class="nt">/></span>
<span class="nt"><interceptor-ref</span> <span
class="na">name=</span><span class="s">"datetime"</span><span
class="nt">/></span>
@@ -516,7 +505,7 @@ than reiterate the same list of Interceptors, we can bundle
these Interceptors t
<span class="nt"><default-interceptor-ref</span> <span
class="na">name=</span><span class="s">"defaultStack"</span><span
class="nt">/></span>
- <span class="nt"><default-class-ref</span> <span
class="na">class=</span><span
class="s">"com.opensymphony.xwork2.ActionSupport"</span><span
class="nt">/></span>
+ <span class="nt"><default-class-ref</span> <span
class="na">class=</span><span
class="s">"org.apache.struts2.ActionSupport"</span><span class="nt">/></span>
<span
class="nt"><global-allowed-methods></span>execute,input,back,cancel,browse,save,delete,list,index<span
class="nt"></global-allowed-methods></span>
diff --git a/content/core-developers/struts-default-xml.html
b/content/core-developers/struts-default-xml.html
index a8f7266bd..a8d8e4225 100644
--- a/content/core-developers/struts-default-xml.html
+++ b/content/core-developers/struts-default-xml.html
@@ -195,7 +195,7 @@ setting in <a
href="default-properties">default.properties</a>.</p>
<span class="nt"><package</span> <span class="na">name=</span><span
class="s">"struts-default"</span> <span class="na">abstract=</span><span
class="s">"true"</span><span class="nt">></span>
<span class="nt"><result-types></span>
- <span class="nt"><result-type</span> <span
class="na">name=</span><span class="s">"chain"</span> <span
class="na">class=</span><span
class="s">"com.opensymphony.xwork2.ActionChainResult"</span><span
class="nt">/></span>
+ <span class="nt"><result-type</span> <span
class="na">name=</span><span class="s">"chain"</span> <span
class="na">class=</span><span
class="s">"org.apache.struts2.result.ActionChainResult"</span><span
class="nt">/></span>
<span class="nt"><result-type</span> <span
class="na">name=</span><span class="s">"dispatcher"</span> <span
class="na">class=</span><span
class="s">"org.apache.struts2.result.ServletDispatcherResult"</span> <span
class="na">default=</span><span class="s">"true"</span><span
class="nt">/></span>
<span class="nt"><result-type</span> <span
class="na">name=</span><span class="s">"freemarker"</span> <span
class="na">class=</span><span
class="s">"org.apache.struts2.views.freemarker.FreemarkerResult"</span><span
class="nt">/></span>
<span class="nt"><result-type</span> <span
class="na">name=</span><span class="s">"httpheader"</span> <span
class="na">class=</span><span
class="s">"org.apache.struts2.result.HttpHeaderResult"</span><span
class="nt">/></span>
@@ -207,8 +207,8 @@ setting in <a
href="default-properties">default.properties</a>.</p>
<span class="nt"></result-types></span>
<span class="nt"><interceptors></span>
- <span class="nt"><interceptor</span> <span
class="na">name=</span><span class="s">"alias"</span> <span
class="na">class=</span><span
class="s">"com.opensymphony.xwork2.interceptor.AliasInterceptor"</span><span
class="nt">/></span>
- <span class="nt"><interceptor</span> <span
class="na">name=</span><span class="s">"chain"</span> <span
class="na">class=</span><span
class="s">"com.opensymphony.xwork2.interceptor.ChainingInterceptor"</span><span
class="nt">/></span>
+ <span class="nt"><interceptor</span> <span
class="na">name=</span><span class="s">"alias"</span> <span
class="na">class=</span><span
class="s">"org.apache.struts2.interceptor.AliasInterceptor"</span><span
class="nt">/></span>
+ <span class="nt"><interceptor</span> <span
class="na">name=</span><span class="s">"chain"</span> <span
class="na">class=</span><span
class="s">"org.apache.struts2.interceptor.ChainingInterceptor"</span><span
class="nt">/></span>
<span class="nt"><interceptor</span> <span
class="na">name=</span><span class="s">"coep"</span> <span
class="na">class=</span><span
class="s">"org.apache.struts2.interceptor.CoepInterceptor"</span><span
class="nt">/></span>
<span class="nt"><interceptor</span> <span
class="na">name=</span><span class="s">"conversionError"</span>
<span class="na">class=</span><span
class="s">"org.apache.struts2.interceptor.StrutsConversionErrorInterceptor"</span><span
class="nt">/></span>
@@ -220,35 +220,32 @@ setting in <a
href="default-properties">default.properties</a>.</p>
<span class="nt"><interceptor</span> <span
class="na">name=</span><span class="s">"csp"</span> <span
class="na">class=</span><span
class="s">"org.apache.struts2.interceptor.csp.CspInterceptor"</span><span
class="nt">/></span>
<span class="nt"><interceptor</span> <span
class="na">name=</span><span class="s">"debugging"</span> <span
class="na">class=</span><span
class="s">"org.apache.struts2.interceptor.debugging.DebuggingInterceptor"</span><span
class="nt">/></span>
<span class="nt"><interceptor</span> <span
class="na">name=</span><span class="s">"execAndWait"</span> <span
class="na">class=</span><span
class="s">"org.apache.struts2.interceptor.ExecuteAndWaitInterceptor"</span><span
class="nt">/></span>
- <span class="nt"><interceptor</span> <span
class="na">name=</span><span class="s">"exception"</span> <span
class="na">class=</span><span
class="s">"com.opensymphony.xwork2.interceptor.ExceptionMappingInterceptor"</span><span
class="nt">/></span>
- <span class="nt"><interceptor</span> <span
class="na">name=</span><span class="s">"fileUpload"</span> <span
class="na">class=</span><span
class="s">"org.apache.struts2.interceptor.FileUploadInterceptor"</span><span
class="nt">/></span>
+ <span class="nt"><interceptor</span> <span
class="na">name=</span><span class="s">"exception"</span> <span
class="na">class=</span><span
class="s">"org.apache.struts2.interceptor.ExceptionMappingInterceptor"</span><span
class="nt">/></span>
<span class="nt"><interceptor</span> <span
class="na">name=</span><span class="s">"actionFileUpload"</span> <span
class="na">class=</span><span
class="s">"org.apache.struts2.interceptor.ActionFileUploadInterceptor"</span><span
class="nt">/></span>
<span class="nt"><interceptor</span> <span
class="na">name=</span><span class="s">"i18n"</span> <span
class="na">class=</span><span
class="s">"org.apache.struts2.interceptor.I18nInterceptor"</span><span
class="nt">/></span>
- <span class="nt"><interceptor</span> <span
class="na">name=</span><span class="s">"logger"</span> <span
class="na">class=</span><span
class="s">"com.opensymphony.xwork2.interceptor.LoggingInterceptor"</span><span
class="nt">/></span>
- <span class="nt"><interceptor</span> <span
class="na">name=</span><span class="s">"modelDriven"</span> <span
class="na">class=</span><span
class="s">"com.opensymphony.xwork2.interceptor.ModelDrivenInterceptor"</span><span
class="nt">/></span>
+ <span class="nt"><interceptor</span> <span
class="na">name=</span><span class="s">"logger"</span> <span
class="na">class=</span><span
class="s">"org.apache.struts2.interceptor.LoggingInterceptor"</span><span
class="nt">/></span>
+ <span class="nt"><interceptor</span> <span
class="na">name=</span><span class="s">"modelDriven"</span> <span
class="na">class=</span><span
class="s">"org.apache.struts2.interceptor.ModelDrivenInterceptor"</span><span
class="nt">/></span>
<span class="nt"><interceptor</span> <span
class="na">name=</span><span class="s">"scopedModelDriven"</span>
- <span class="na">class=</span><span
class="s">"com.opensymphony.xwork2.interceptor.ScopedModelDrivenInterceptor"</span><span
class="nt">/></span>
- <span class="nt"><interceptor</span> <span
class="na">name=</span><span class="s">"params"</span> <span
class="na">class=</span><span
class="s">"com.opensymphony.xwork2.interceptor.ParametersInterceptor"</span><span
class="nt">/></span>
- <span class="nt"><interceptor</span> <span
class="na">name=</span><span class="s">"paramRemover"</span> <span
class="na">class=</span><span
class="s">"com.opensymphony.xwork2.interceptor.ParameterRemoverInterceptor"</span><span
class="nt">/></span>
+ <span class="na">class=</span><span
class="s">"org.apache.struts2.interceptor.ScopedModelDrivenInterceptor"</span><span
class="nt">/></span>
+ <span class="nt"><interceptor</span> <span
class="na">name=</span><span class="s">"params"</span> <span
class="na">class=</span><span
class="s">"org.apache.struts2.interceptor.parameter.ParametersInterceptor"</span><span
class="nt">/></span>
+ <span class="nt"><interceptor</span> <span
class="na">name=</span><span class="s">"paramRemover"</span> <span
class="na">class=</span><span
class="s">"org.apache.struts2.interceptor.ParameterRemoverInterceptor"</span><span
class="nt">/></span>
<span class="nt"><interceptor</span> <span
class="na">name=</span><span class="s">"actionMappingParams"</span>
<span class="na">class=</span><span
class="s">"org.apache.struts2.interceptor.ActionMappingParametersInterceptor"</span><span
class="nt">/></span>
- <span class="nt"><interceptor</span> <span
class="na">name=</span><span class="s">"prepare"</span> <span
class="na">class=</span><span
class="s">"com.opensymphony.xwork2.interceptor.PrepareInterceptor"</span><span
class="nt">/></span>
- <span class="nt"><interceptor</span> <span
class="na">name=</span><span class="s">"staticParams"</span> <span
class="na">class=</span><span
class="s">"com.opensymphony.xwork2.interceptor.StaticParametersInterceptor"</span><span
class="nt">/></span>
+ <span class="nt"><interceptor</span> <span
class="na">name=</span><span class="s">"prepare"</span> <span
class="na">class=</span><span
class="s">"org.apache.struts2.interceptor.PrepareInterceptor"</span><span
class="nt">/></span>
+ <span class="nt"><interceptor</span> <span
class="na">name=</span><span class="s">"staticParams"</span> <span
class="na">class=</span><span
class="s">"org.apache.struts2.interceptor.StaticParametersInterceptor"</span><span
class="nt">/></span>
<span class="nt"><interceptor</span> <span
class="na">name=</span><span class="s">"scope"</span> <span
class="na">class=</span><span
class="s">"org.apache.struts2.interceptor.ScopeInterceptor"</span><span
class="nt">/></span>
<span class="nt"><interceptor</span> <span
class="na">name=</span><span class="s">"servletConfig"</span> <span
class="na">class=</span><span
class="s">"org.apache.struts2.interceptor.ServletConfigInterceptor"</span><span
class="nt">/></span>
<span class="nt"><interceptor</span> <span
class="na">name=</span><span class="s">"token"</span> <span
class="na">class=</span><span
class="s">"org.apache.struts2.interceptor.TokenInterceptor"</span><span
class="nt">/></span>
<span class="nt"><interceptor</span> <span
class="na">name=</span><span class="s">"tokenSession"</span> <span
class="na">class=</span><span
class="s">"org.apache.struts2.interceptor.TokenSessionStoreInterceptor"</span><span
class="nt">/></span>
<span class="nt"><interceptor</span> <span
class="na">name=</span><span class="s">"validation"</span>
<span class="na">class=</span><span
class="s">"org.apache.struts2.interceptor.validation.AnnotationValidationInterceptor"</span><span
class="nt">/></span>
- <span class="nt"><interceptor</span> <span
class="na">name=</span><span class="s">"workflow"</span> <span
class="na">class=</span><span
class="s">"com.opensymphony.xwork2.interceptor.DefaultWorkflowInterceptor"</span><span
class="nt">/></span>
+ <span class="nt"><interceptor</span> <span
class="na">name=</span><span class="s">"workflow"</span> <span
class="na">class=</span><span
class="s">"org.apache.struts2.interceptor.DefaultWorkflowInterceptor"</span><span
class="nt">/></span>
<span class="nt"><interceptor</span> <span
class="na">name=</span><span class="s">"store"</span> <span
class="na">class=</span><span
class="s">"org.apache.struts2.interceptor.MessageStoreInterceptor"</span><span
class="nt">/></span>
<span class="nt"><interceptor</span> <span
class="na">name=</span><span class="s">"checkbox"</span> <span
class="na">class=</span><span
class="s">"org.apache.struts2.interceptor.CheckboxInterceptor"</span><span
class="nt">/></span>
<span class="nt"><interceptor</span> <span
class="na">name=</span><span class="s">"datetime"</span> <span
class="na">class=</span><span
class="s">"org.apache.struts2.interceptor.DateTextFieldInterceptor"</span><span
class="nt">/></span>
<span class="nt"><interceptor</span> <span
class="na">name=</span><span class="s">"roles"</span> <span
class="na">class=</span><span
class="s">"org.apache.struts2.interceptor.RolesInterceptor"</span><span
class="nt">/></span>
<span class="nt"><interceptor</span> <span
class="na">name=</span><span class="s">"annotationWorkflow"</span>
- <span class="na">class=</span><span
class="s">"com.opensymphony.xwork2.interceptor.annotations.AnnotationWorkflowInterceptor"</span><span
class="nt">/></span>
- <span class="nt"><interceptor</span> <span
class="na">name=</span><span class="s">"annotationParameterFilter"</span>
- <span class="na">class=</span><span
class="s">"com.opensymphony.xwork2.interceptor.annotations.AnnotationParameterFilterInterceptor"</span><span
class="nt">/></span>
+ <span class="na">class=</span><span
class="s">"org.apache.struts2.interceptor.annotations.AnnotationWorkflowInterceptor"</span><span
class="nt">/></span>
<span class="nt"><interceptor</span> <span
class="na">name=</span><span class="s">"multiselect"</span> <span
class="na">class=</span><span
class="s">"org.apache.struts2.interceptor.MultiselectInterceptor"</span><span
class="nt">/></span>
<span class="nt"><interceptor</span> <span
class="na">name=</span><span class="s">"noop"</span> <span
class="na">class=</span><span
class="s">"org.apache.struts2.interceptor.NoOpInterceptor"</span><span
class="nt">/></span>
<span class="nt"><interceptor</span> <span
class="na">name=</span><span class="s">"fetchMetadata"</span> <span
class="na">class=</span><span
class="s">"org.apache.struts2.interceptor.FetchMetadataInterceptor"</span><span
class="nt">/></span>
@@ -280,12 +277,6 @@ setting in <a
href="default-properties">default.properties</a>.</p>
<span class="nt"><interceptor-ref</span> <span
class="na">name=</span><span class="s">"workflow"</span><span
class="nt">/></span>
<span class="nt"></interceptor-stack></span>
- <span class="c"><!-- Sample file upload stack --></span>
- <span class="nt"><interceptor-stack</span> <span
class="na">name=</span><span class="s">"fileUploadStack"</span><span
class="nt">></span>
- <span class="nt"><interceptor-ref</span> <span
class="na">name=</span><span class="s">"fileUpload"</span><span
class="nt">/></span>
- <span class="nt"><interceptor-ref</span> <span
class="na">name=</span><span class="s">"basicStack"</span><span
class="nt">/></span>
- <span class="nt"></interceptor-stack></span>
-
<span class="c"><!-- Action based file upload stack
--></span>
<span class="nt"><interceptor-stack</span> <span
class="na">name=</span><span class="s">"actionFileUploadStack"</span><span
class="nt">></span>
<span class="nt"><interceptor-ref</span> <span
class="na">name=</span><span class="s">"actionFileUpload"</span><span
class="nt">/></span>
@@ -335,7 +326,6 @@ setting in <a
href="default-properties">default.properties</a>.</p>
<span class="nt"><interceptor-ref</span> <span
class="na">name=</span><span class="s">"prepare"</span><span
class="nt">/></span>
<span class="nt"><interceptor-ref</span> <span
class="na">name=</span><span class="s">"chain"</span><span
class="nt">/></span>
<span class="nt"><interceptor-ref</span> <span
class="na">name=</span><span class="s">"modelDriven"</span><span
class="nt">/></span>
- <span class="nt"><interceptor-ref</span> <span
class="na">name=</span><span class="s">"fileUpload"</span><span
class="nt">/></span>
<span class="nt"><interceptor-ref</span> <span
class="na">name=</span><span class="s">"actionFileUpload"</span><span
class="nt">/></span>
<span class="nt"><interceptor-ref</span> <span
class="na">name=</span><span class="s">"staticParams"</span><span
class="nt">/></span>
<span class="nt"><interceptor-ref</span> <span
class="na">name=</span><span class="s">"actionMappingParams"</span><span
class="nt">/></span>
@@ -374,7 +364,6 @@ setting in <a
href="default-properties">default.properties</a>.</p>
<span class="nt"><interceptor-ref</span> <span
class="na">name=</span><span class="s">"chain"</span><span
class="nt">/></span>
<span class="nt"><interceptor-ref</span> <span
class="na">name=</span><span class="s">"scopedModelDriven"</span><span
class="nt">/></span>
<span class="nt"><interceptor-ref</span> <span
class="na">name=</span><span class="s">"modelDriven"</span><span
class="nt">/></span>
- <span class="nt"><interceptor-ref</span> <span
class="na">name=</span><span class="s">"fileUpload"</span><span
class="nt">/></span>
<span class="nt"><interceptor-ref</span> <span
class="na">name=</span><span class="s">"actionFileUpload"</span><span
class="nt">/></span>
<span class="nt"><interceptor-ref</span> <span
class="na">name=</span><span class="s">"checkbox"</span><span
class="nt">/></span>
<span class="nt"><interceptor-ref</span> <span
class="na">name=</span><span class="s">"datetime"</span><span
class="nt">/></span>
@@ -428,7 +417,7 @@ setting in <a
href="default-properties">default.properties</a>.</p>
<span class="nt"><default-interceptor-ref</span> <span
class="na">name=</span><span class="s">"defaultStack"</span><span
class="nt">/></span>
- <span class="nt"><default-class-ref</span> <span
class="na">class=</span><span
class="s">"com.opensymphony.xwork2.ActionSupport"</span><span
class="nt">/></span>
+ <span class="nt"><default-class-ref</span> <span
class="na">class=</span><span
class="s">"org.apache.struts2.ActionSupport"</span><span class="nt">/></span>
<span
class="nt"><global-allowed-methods></span>execute,input,back,cancel,browse,save,delete,list,index<span
class="nt"></global-allowed-methods></span>
diff --git a/content/core-developers/validation.html
b/content/core-developers/validation.html
index 9e0daf6ba..79350d943 100644
--- a/content/core-developers/validation.html
+++ b/content/core-developers/validation.html
@@ -245,52 +245,7 @@ to have many field-validators which is almost always the
case.</p>
<p>The following list shows the default validators included in the framework
and is an example of the syntax used to declare
our own validators.</p>
-<figure class="highlight"><pre><code class="language-xml"
data-lang="xml"><span class="cp"><?xml version="1.0"
encoding="UTF-8"?></span>
-<span class="c"><!--
-/*
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- */
---></span>
-<span class="cp"><!DOCTYPE validators PUBLIC
- "-//Apache Struts//XWork Validator Definition 1.0//EN"
-
"https://struts.apache.org/dtds/xwork-validator-definition-1.0.dtd"></span>
-
-<span class="c"><!-- START SNIPPET: validators-default --></span>
-<span class="nt"><validators></span>
- <span class="nt"><validator</span> <span class="na">name=</span><span
class="s">"required"</span> <span class="na">class=</span><span
class="s">"com.opensymphony.xwork2.validator.validators.RequiredFieldValidator"</span><span
class="nt">/></span>
- <span class="nt"><validator</span> <span class="na">name=</span><span
class="s">"requiredstring"</span> <span class="na">class=</span><span
class="s">"com.opensymphony.xwork2.validator.validators.RequiredStringValidator"</span><span
class="nt">/></span>
- <span class="nt"><validator</span> <span class="na">name=</span><span
class="s">"int"</span> <span class="na">class=</span><span
class="s">"com.opensymphony.xwork2.validator.validators.IntRangeFieldValidator"</span><span
class="nt">/></span>
- <span class="nt"><validator</span> <span class="na">name=</span><span
class="s">"long"</span> <span class="na">class=</span><span
class="s">"com.opensymphony.xwork2.validator.validators.LongRangeFieldValidator"</span><span
class="nt">/></span>
- <span class="nt"><validator</span> <span class="na">name=</span><span
class="s">"short"</span> <span class="na">class=</span><span
class="s">"com.opensymphony.xwork2.validator.validators.ShortRangeFieldValidator"</span><span
class="nt">/></span>
- <span class="nt"><validator</span> <span class="na">name=</span><span
class="s">"double"</span> <span class="na">class=</span><span
class="s">"com.opensymphony.xwork2.validator.validators.DoubleRangeFieldValidator"</span><span
class="nt">/></span>
- <span class="nt"><validator</span> <span class="na">name=</span><span
class="s">"date"</span> <span class="na">class=</span><span
class="s">"com.opensymphony.xwork2.validator.validators.DateRangeFieldValidator"</span><span
class="nt">/></span>
- <span class="nt"><validator</span> <span class="na">name=</span><span
class="s">"expression"</span> <span class="na">class=</span><span
class="s">"com.opensymphony.xwork2.validator.validators.ExpressionValidator"</span><span
class="nt">/></span>
- <span class="nt"><validator</span> <span class="na">name=</span><span
class="s">"fieldexpression"</span> <span class="na">class=</span><span
class="s">"com.opensymphony.xwork2.validator.validators.FieldExpressionValidator"</span><span
class="nt">/></span>
- <span class="nt"><validator</span> <span class="na">name=</span><span
class="s">"email"</span> <span class="na">class=</span><span
class="s">"com.opensymphony.xwork2.validator.validators.EmailValidator"</span><span
class="nt">/></span>
- <span class="nt"><validator</span> <span class="na">name=</span><span
class="s">"creditcard"</span> <span class="na">class=</span><span
class="s">"com.opensymphony.xwork2.validator.validators.CreditCardValidator"</span><span
class="nt">/></span>
- <span class="nt"><validator</span> <span class="na">name=</span><span
class="s">"url"</span> <span class="na">class=</span><span
class="s">"com.opensymphony.xwork2.validator.validators.URLValidator"</span><span
class="nt">/></span>
- <span class="nt"><validator</span> <span class="na">name=</span><span
class="s">"visitor"</span> <span class="na">class=</span><span
class="s">"com.opensymphony.xwork2.validator.validators.VisitorFieldValidator"</span><span
class="nt">/></span>
- <span class="nt"><validator</span> <span class="na">name=</span><span
class="s">"conversion"</span> <span class="na">class=</span><span
class="s">"com.opensymphony.xwork2.validator.validators.ConversionErrorFieldValidator"</span><span
class="nt">/></span>
- <span class="nt"><validator</span> <span class="na">name=</span><span
class="s">"stringlength"</span> <span class="na">class=</span><span
class="s">"com.opensymphony.xwork2.validator.validators.StringLengthFieldValidator"</span><span
class="nt">/></span>
- <span class="nt"><validator</span> <span class="na">name=</span><span
class="s">"regex"</span> <span class="na">class=</span><span
class="s">"com.opensymphony.xwork2.validator.validators.RegexFieldValidator"</span><span
class="nt">/></span>
- <span class="nt"><validator</span> <span class="na">name=</span><span
class="s">"conditionalvisitor"</span> <span class="na">class=</span><span
class="s">"com.opensymphony.xwork2.validator.validators.ConditionalVisitorFieldValidator"</span><span
class="nt">/></span>
-<span class="nt"></validators></span>
-<span class="c"><!-- END SNIPPET: validators-default
--></span></code></pre></figure>
+<figure class="highlight"><pre><code class="language-xml" data-lang="xml">404:
Not Found</code></pre></figure>
<blockquote>
<p><strong>Struts 2.1 and Prior</strong>
diff --git a/content/index.html b/content/index.html
index a9ffa6cf3..1105142a3 100644
--- a/content/index.html
+++ b/content/index.html
@@ -183,12 +183,15 @@
<a
href="https://cwiki.apache.org/confluence/display/WW/Version+Notes+6.6.1";>Version
notes</a>
</div>
<div class="column col-md-4">
- <h2>Apache Struts 2.5.33 GA</h2>
+ <h2>CVE-2024-53677 File upload logic is flawed</h2>
<p>
- Apache Struts 2.5.33 GA has been released<br/>on 7 December 2023.
+ Upgrade to Apache Struts 6.4.0 at least and migrate to
+ the new <a href="core-developers/action-file-upload">Action File
Upload</a> mechanism.
+ </p>
+ <p>
+ Read more in <a href="announce-2024#a20241210">Announcement</a> or in
+ the Security Bulletin <a
href="https://cwiki.apache.org/confluence/display/WW/S2-067";>S2-067</a>
</p>
- Read more in <a href="announce-2023#a20231207-2">Announcement</a> or in
- <a
href="https://cwiki.apache.org/confluence/display/WW/Version+Notes+2.5.33";>Version
notes</a>
</div>
</div>
<div class="row">
diff --git a/content/releases.html b/content/releases.html
index 93f64940f..4f8c48c5e 100644
--- a/content/releases.html
+++ b/content/releases.html
@@ -285,6 +285,7 @@
</td>
<td class="no-wrap">7 December 2023</td>
<td>
+ <a
href="https://cwiki.apache.org/confluence/display/WW/S2-066";>S2-067</a>
</td>
<td>
<a
href="https://cwiki.apache.org/confluence/display/WW/Version+Notes+6.3.0.2";>Version
notes</a>
@@ -296,6 +297,7 @@
</td>
<td class="no-wrap">13 September 2023</td>
<td>
+ <a
href="https://cwiki.apache.org/confluence/display/WW/S2-066";>S2-067</a>,
<a
href="https://cwiki.apache.org/confluence/display/WW/S2-066";>S2-066</a>
</td>
<td>
@@ -308,6 +310,7 @@
</td>
<td class="no-wrap">4 September 2023</td>
<td>
+ <a
href="https://cwiki.apache.org/confluence/display/WW/S2-066";>S2-067</a>,
<a
href="https://cwiki.apache.org/confluence/display/WW/S2-066";>S2-066</a>,
<a
href="https://cwiki.apache.org/confluence/display/WW/S2-065";>S2-065</a>
</td>
@@ -321,6 +324,7 @@
</td>
<td class="no-wrap">10 July 2023</td>
<td>
+ <a
href="https://cwiki.apache.org/confluence/display/WW/S2-066";>S2-067</a>,
<a
href="https://cwiki.apache.org/confluence/display/WW/S2-066";>S2-066</a>,
<a
href="https://cwiki.apache.org/confluence/display/WW/S2-065";>S2-065</a>
</td>
@@ -334,6 +338,7 @@
</td>
<td class="no-wrap">13 June 2023</td>
<td>
+ <a
href="https://cwiki.apache.org/confluence/display/WW/S2-066";>S2-067</a>,
<a
href="https://cwiki.apache.org/confluence/display/WW/S2-066";>S2-066</a>,
<a
href="https://cwiki.apache.org/confluence/display/WW/S2-065";>S2-065</a>
</td>
@@ -347,6 +352,7 @@
</td>
<td class="no-wrap">13 June 2023</td>
<td>
+ <a
href="https://cwiki.apache.org/confluence/display/WW/S2-066";>S2-067</a>,
<a
href="https://cwiki.apache.org/confluence/display/WW/S2-066";>S2-066</a>,
<a
href="https://cwiki.apache.org/confluence/display/WW/S2-065";>S2-065</a>
</td>
@@ -360,6 +366,7 @@
</td>
<td class="no-wrap">10 March 2023</td>
<td>
+ <a
href="https://cwiki.apache.org/confluence/display/WW/S2-066";>S2-067</a>,
<a
href="https://cwiki.apache.org/confluence/display/WW/S2-066";>S2-066</a>,
<a
href="https://cwiki.apache.org/confluence/display/WW/S2-065";>S2-065</a>,
<a
href="https://cwiki.apache.org/confluence/display/WW/S2-064";>S2-064</a>,
@@ -375,6 +382,7 @@
</td>
<td class="no-wrap">28 November 2022</td>
<td>
+ <a
href="https://cwiki.apache.org/confluence/display/WW/S2-066";>S2-067</a>,
<a
href="https://cwiki.apache.org/confluence/display/WW/S2-066";>S2-066</a>,
<a
href="https://cwiki.apache.org/confluence/display/WW/S2-065";>S2-065</a>,
<a
href="https://cwiki.apache.org/confluence/display/WW/S2-064";>S2-064</a>,
@@ -390,6 +398,7 @@
</td>
<td class="no-wrap">15 September 2022</td>
<td>
+ <a
href="https://cwiki.apache.org/confluence/display/WW/S2-066";>S2-067</a>,
<a
href="https://cwiki.apache.org/confluence/display/WW/S2-066";>S2-066</a>,
<a
href="https://cwiki.apache.org/confluence/display/WW/S2-065";>S2-065</a>,
<a
href="https://cwiki.apache.org/confluence/display/WW/S2-064";>S2-064</a>,
@@ -405,6 +414,7 @@
</td>
<td class="no-wrap">6 June 2022</td>
<td>
+ <a
href="https://cwiki.apache.org/confluence/display/WW/S2-066";>S2-067</a>,
<a
href="https://cwiki.apache.org/confluence/display/WW/S2-066";>S2-066</a>,
<a
href="https://cwiki.apache.org/confluence/display/WW/S2-065";>S2-065</a>,
<a
href="https://cwiki.apache.org/confluence/display/WW/S2-064";>S2-064</a>,
@@ -420,6 +430,7 @@
</td>
<td class="no-wrap">4 April 2022</td>
<td>
+ <a
href="https://cwiki.apache.org/confluence/display/WW/S2-066";>S2-067</a>,
<a
href="https://cwiki.apache.org/confluence/display/WW/S2-066";>S2-066</a>,
<a
href="https://cwiki.apache.org/confluence/display/WW/S2-065";>S2-065</a>,
<a
href="https://cwiki.apache.org/confluence/display/WW/S2-064";>S2-064</a>,
diff --git a/content/tag-developers/css-xhtml-theme.html
b/content/tag-developers/css-xhtml-theme.html
index 762fd4869..471573b24 100644
--- a/content/tag-developers/css-xhtml-theme.html
+++ b/content/tag-developers/css-xhtml-theme.html
@@ -191,36 +191,36 @@ the HTML tags are wrapped by a standard header and
footer. For example, in the <
*/
-->
<input<#rt/>
- type="${(parameters.type!"text")}"<#rt/>
- name="${(parameters.name!"")}"<#rt/>
-<#if parameters.get("size")?has_content>
- size="${parameters.get("size")}"<#rt/>
+ type="${(attributes.type!"text")}"<#rt/>
+ name="${(attributes.name!"")}"<#rt/>
+<#if attributes.get("size")?has_content>
+ size="${attributes.get("size")}"<#rt/>
</#if>
-<#if parameters.maxlength?has_content>
- maxlength="${parameters.maxlength}"<#rt/>
+<#if attributes.maxlength?has_content>
+ maxlength="${attributes.maxlength}"<#rt/>
</#if>
-<#if parameters.nameValue??>
- value="${parameters.nameValue}"<#rt/>
+<#if attributes.nameValue??>
+ value="${attributes.nameValue}"<#rt/>
</#if>
-<#if parameters.disabled!false>
+<#if attributes.disabled!false>
disabled="disabled"<#rt/>
</#if>
-<#if parameters.readonly!false>
+<#if attributes.readonly!false>
readonly="readonly"<#rt/>
</#if>
-<#if parameters.tabindex?has_content>
- tabindex="${parameters.tabindex}"<#rt/>
+<#if attributes.tabindex?has_content>
+ tabindex="${attributes.tabindex}"<#rt/>
</#if>
-<#if parameters.id?has_content>
- id="${parameters.id}"<#rt/>
+<#if attributes.id?has_content>
+ id="${attributes.id}"<#rt/>
</#if>
-<#include "/${parameters.templateDir}/${parameters.expandTheme}/css.ftl"
/>
-<#if parameters.title?has_content>
- title="${parameters.title}"<#rt/>
+<#include "/${attributes.templateDir}/${attributes.expandTheme}/css.ftl"
/>
+<#if attributes.title?has_content>
+ title="${attributes.title}"<#rt/>
</#if>
-<#include
"/${parameters.templateDir}/${parameters.expandTheme}/scripting-events.ftl"
/>
-<#include
"/${parameters.templateDir}/${parameters.expandTheme}/common-attributes.ftl"
/>
-<#include
"/${parameters.templateDir}/${parameters.expandTheme}/dynamic-attributes.ftl"
/>
+<#include
"/${attributes.templateDir}/${attributes.expandTheme}/scripting-events.ftl"
/>
+<#include
"/${attributes.templateDir}/${attributes.expandTheme}/common-attributes.ftl"
/>
+<#include
"/${attributes.templateDir}/${attributes.expandTheme}/dynamic-attributes.ftl"
/>
/></code></pre></figure>
<h2 id="css-xhtml-theme-header">CSS XHTML theme header</h2>
@@ -248,18 +248,18 @@ the CSS theme does not use a <code
class="language-plaintext highlighter-rouge">
* under the License.
*/
-->
-<#include
"/${parameters.templateDir}/${parameters.expandTheme}/controlheader-core.ftl">
-<#if !parameters.labelPosition?? &&
(parameters.form.labelPosition)??>
-<#assign labelPos = parameters.form.labelPosition/>
-<#elseif parameters.labelPosition??>
-<#assign labelPos = parameters.labelPosition/>
+<#include
"/${attributes.templateDir}/${attributes.expandTheme}/controlheader-core.ftl">
+<#if !attributes.labelPosition?? &&
(attributes.form.labelPosition)??>
+<#assign labelPos = attributes.form.labelPosition/>
+<#elseif attributes.labelPosition??>
+<#assign labelPos = attributes.labelPosition/>
</#if>
<#if (labelPos!"top") == 'top'>
<div <#rt/>
<#else>
<span <#rt/>
</#if>
-<#if
parameters.id??>id="wwctrl_${parameters.id}"<#rt/></#if>
class="wwctrl"></code></pre></figure>
+<#if
attributes.id??>id="wwctrl_${attributes.id}"<#rt/></#if>
class="wwctrl"></code></pre></figure>
<p>Note that the <code class="language-plaintext
highlighter-rouge">fieldErrors</code>, usually caused by <a
href="../core-developers/validation">Validation</a>, are displayed in a <code
class="language-plaintext highlighter-rouge">div</code>
block before the element is displayed.</p>
@@ -288,26 +288,26 @@ block before the element is displayed.</p>
* under the License.
*/
-->
-${parameters.after!}<#t/>
+${attributes.after!}<#t/>
<#lt/>
-<#if !parameters.labelPosition?? &&
(parameters.form.labelPosition)??>
-<#assign labelPos = parameters.form.labelPosition/>
-<#elseif parameters.labelPosition??>
-<#assign labelPos = parameters.labelPosition/>
+<#if !attributes.labelPosition?? &&
(attributes.form.labelPosition)??>
+<#assign labelPos = attributes.form.labelPosition/>
+<#elseif attributes.labelPosition??>
+<#assign labelPos = attributes.labelPosition/>
</#if>
<#if (labelPos!"top") == 'top'>
</div> <#rt/>
<#else>
</span> <#rt/>
</#if>
-<#if (parameters.errorposition!"top") == 'bottom'>
-<#assign hasFieldErrors = parameters.name?? && fieldErrors??
&& fieldErrors.get(parameters.name)??/>
+<#if (attributes.errorposition!"top") == 'bottom'>
+<#assign hasFieldErrors = attributes.name?? && fieldErrors??
&& fieldErrors.get(attributes.name)??/>
<#if hasFieldErrors>
-<div <#rt/><#if
parameters.id??>id="wwerr_${parameters.id}"<#rt/></#if>
class="wwerr">
-<#list fieldErrors.get(parameters.name) as error>
+<div <#rt/><#if
attributes.id??>id="wwerr_${attributes.id}"<#rt/></#if>
class="wwerr">
+<#list fieldErrors.get(attributes.name) as error>
<div<#rt/>
- <#if parameters.id??>
- errorFor="${parameters.id}"<#rt/>
+ <#if attributes.id??>
+ errorFor="${attributes.id}"<#rt/>
</#if>
class="errorMessage">
${error}
@@ -347,8 +347,8 @@ to provide the layout. The contents of
<strong>head.ftl</strong> are:</p>
* under the License.
*/
-->
-<@s.link rel="stylesheet"
href="${base}${parameters.staticContentPath}/css_xhtml/styles.css"
type="text/css" />
-<#include "/${parameters.templateDir}/simple/head.ftl"
/></code></pre></figure>
+<@s.link rel="stylesheet"
href="${base}${attributes.staticContentPath}/css_xhtml/styles.css"
type="text/css" />
+<#include "/${attributes.templateDir}/simple/head.ftl"
/></code></pre></figure>
<p>The head includes a style sheet. The contents of
<strong>styles.css</strong> are:</p>
diff --git a/content/tag-developers/simple-theme.html
b/content/tag-developers/simple-theme.html
index 752a05645..33695b654 100644
--- a/content/tag-developers/simple-theme.html
+++ b/content/tag-developers/simple-theme.html
@@ -201,7 +201,7 @@ Ajax/Dojo support so that tags can import Dojo widgets
easily.</p>
* under the License.
*/
-->
-<@s.script src="${base}${parameters.staticContentPath}/utils.js"
/></code></pre></figure>
+<@s.script src="${base}${attributes.staticContentPath}/utils.js"
/></code></pre></figure>
</section>
diff --git a/content/tag-developers/xhtml-theme.html
b/content/tag-developers/xhtml-theme.html
index bfb87596b..b8b768806 100644
--- a/content/tag-developers/xhtml-theme.html
+++ b/content/tag-developers/xhtml-theme.html
@@ -203,9 +203,9 @@ and <code class="language-plaintext
highlighter-rouge">controlfooter.ftl</code>
* under the License.
*/
-->
-<#include
"/${parameters.templateDir}/${parameters.expandTheme}/controlheader.ftl" />
-<#include "/${parameters.templateDir}/simple/text.ftl" />
-<#include
"/${parameters.templateDir}/${parameters.expandTheme}/controlfooter.ftl"
/></code></pre></figure>
+<#include
"/${attributes.templateDir}/${attributes.expandTheme}/controlheader.ftl" />
+<#include "/${attributes.templateDir}/simple/text.ftl" />
+<#include
"/${attributes.templateDir}/${attributes.expandTheme}/controlfooter.ftl"
/></code></pre></figure>
<blockquote>
<p>The <code class="language-plaintext
highlighter-rouge">controlheader.ftl</code> is referenced using <code
class="language-plaintext highlighter-rouge">${parameters.theme}</code> so that
the code can be reused
@@ -237,12 +237,12 @@ the <a href="ajax-theme">ajax theme</a>) contents:</p>
* under the License.
*/
-->
-<#include
"/${parameters.templateDir}/${parameters.expandTheme}/controlheader-core.ftl"
/>
- <td
- <#if parameters.align?? >
- class="align-${parameters.align}"
+<#include
"/${attributes.templateDir}/${attributes.expandTheme}/controlheader-core.ftl"
/>
+ <td
+ <#if attributes.align?? >
+ class="align-${attributes.align}"
<#else >
- class="tdInput"
+ class="tdInput"
</#if>
><#t/></code></pre></figure>
@@ -270,11 +270,11 @@ the <a href="ajax-theme">ajax theme</a>) contents:</p>
Only show message if errors are available.
This will be done if ActionSupport is used.
-->
-<#assign hasFieldErrors = parameters.name?? && fieldErrors??
&& fieldErrors.get(parameters.name)??/>
-<#if (parameters.errorposition!"top") == 'top'>
+<#assign hasFieldErrors = attributes.name?? && fieldErrors??
&& fieldErrors.get(attributes.name)??/>
+<#if (attributes.errorposition!"top") == 'top'>
<#if hasFieldErrors>
-<#list fieldErrors.get(parameters.name) as error>
-<tr errorFor="${parameters.id}">
+<#list fieldErrors.get(attributes.name) as error>
+<tr errorFor="${attributes.id}">
<td class="tdErrorMessage" colspan="2"><#rt/>
<span class="errorMessage">${error}</span><#t/>
</td><#lt/>
@@ -282,10 +282,10 @@ the <a href="ajax-theme">ajax theme</a>) contents:</p>
</#list>
</#if>
</#if>
-<#if !parameters.labelPosition?? &&
(parameters.form.labelPosition)??>
-<#assign labelPos = parameters.form.labelPosition/>
-<#elseif parameters.labelPosition??>
-<#assign labelPos = parameters.labelPosition/>
+<#if !attributes.labelPosition?? &&
(attributes.form.labelPosition)??>
+<#assign labelPos = attributes.form.labelPosition/>
+<#elseif attributes.labelPosition??>
+<#assign labelPos = attributes.labelPosition/>
</#if>
<#--
if the label position is top,
@@ -297,10 +297,10 @@ the <a href="ajax-theme">ajax theme</a>) contents:</p>
<#else>
<td class="tdLabel"><#rt/>
</#if>
-<#if parameters.label??>
+<#if attributes.label??>
<label <#t/>
-<#if parameters.id??>
- for="${parameters.id}" <#t/>
+<#if attributes.id??>
+ for="${attributes.id}" <#t/>
</#if>
<#if hasFieldErrors>
class="errorLabel"<#t/>
@@ -308,15 +308,15 @@ the <a href="ajax-theme">ajax theme</a>) contents:</p>
class="label"<#t/>
</#if>
><#t/>
-<#if (parameters.required!false) &&
((parameters.requiredPosition!"right") != 'right')>
+<#if (attributes.required!false) &&
((attributes.requiredPosition!"right") != 'right')>
<span class="required">*</span><#t/>
</#if>
-${parameters.label}<#t/>
-<#if (parameters.required!false) &&
((parameters.requiredPosition!"right") == 'right')>
+${attributes.label}<#t/>
+<#if (attributes.required!false) &&
((attributes.requiredPosition!"right") == 'right')>
<span class="required">*</span><#t/>
</#if>
-${parameters.labelseparator!":"}<#t/>
-<#include
"/${parameters.templateDir}/${parameters.expandTheme}/tooltip.ftl" />
+${attributes.labelseparator!":"}<#t/>
+<#include
"/${attributes.templateDir}/${attributes.expandTheme}/tooltip.ftl" />
</label><#t/>
</#if>
</td><#lt/>
@@ -362,14 +362,14 @@ for an <code class="language-plaintext
highlighter-rouge">after</code> parameter
* under the License.
*/
-->
-${parameters.after!}<#t/>
+${attributes.after!}<#t/>
</td><#lt/>
</tr>
-<#if (parameters.errorposition!"top") == 'bottom'>
-<#assign hasFieldErrors = parameters.name?? && fieldErrors??
&& fieldErrors.get(parameters.name)??/>
+<#if (attributes.errorposition!"top") == 'bottom'>
+<#assign hasFieldErrors = attributes.name?? && fieldErrors??
&& fieldErrors.get(attributes.name)??/>
<#if hasFieldErrors>
-<#list fieldErrors.get(parameters.name) as error>
-<tr errorFor="${parameters.id}">
+<#list fieldErrors.get(attributes.name) as error>
+<tr errorFor="${attributes.id}">
<td class="tdErrorMessage" colspan="2"><#rt/>
<span class="errorMessage">${error}</span><#t/>
</td><#lt/>
@@ -412,8 +412,8 @@ render the form elements.</p>
* under the License.
*/
-->
-<@s.link rel="stylesheet"
href="${base}${parameters.staticContentPath}/xhtml/styles.css" type="text/css"
/>
-<#include "/${parameters.templateDir}/simple/head.ftl"
/></code></pre></figure>
+<@s.link rel="stylesheet"
href="${base}${attributes.staticContentPath}/xhtml/styles.css" type="text/css"
/>
+<#include "/${attributes.templateDir}/simple/head.ftl"
/></code></pre></figure>
<p>The head template imports a style sheet. The contents of
<strong>styles.css</strong> are:</p>
@@ -488,17 +488,17 @@ wrapping table, the opening and closing templates also,
if the <code class="lang
* under the License.
*/
-->
-<#include
"/${parameters.templateDir}/${parameters.expandTheme}/form-validate.ftl" />
-<#include
"/${parameters.templateDir}/${parameters.expandTheme}/form-common.ftl" />
-<#if (parameters.validate!false)>
- onreset="<#outputformat
'JavaScript'>${parameters.onreset!'clearErrorMessages(this);clearErrorLabels(this);'}</#outputformat>"
+<#include
"/${attributes.templateDir}/${attributes.expandTheme}/form-validate.ftl" />
+<#include
"/${attributes.templateDir}/${attributes.expandTheme}/form-common.ftl" />
+<#if (attributes.validate!false)>
+ onreset="<#outputformat
'JavaScript'>${attributes.onreset!'clearErrorMessages(this);clearErrorLabels(this);'}</#outputformat>"
<#else>
- <#if parameters.onreset??>
- onreset="<#outputformat
'JavaScript'>${parameters.onreset}</#outputformat>"
+ <#if attributes.onreset??>
+ onreset="<#outputformat
'JavaScript'>${attributes.onreset}</#outputformat>"
</#if>
</#if>
>
-<#include
"/${parameters.templateDir}/${parameters.expandTheme}/control.ftl"
/></code></pre></figure>
+<#include
"/${attributes.templateDir}/${attributes.expandTheme}/control.ftl"
/></code></pre></figure>
<p>The closing template, <code class="language-plaintext
highlighter-rouge">form-close.ftl</code>:</p>
@@ -522,13 +522,13 @@ wrapping table, the opening and closing templates also,
if the <code class="lang
* under the License.
*/
-->
-<#include
"/${parameters.templateDir}/${parameters.expandTheme}/control-close.ftl" />
-<#include "/${parameters.templateDir}/simple/form-close.ftl" />
-<#include
"/${parameters.templateDir}/${parameters.expandTheme}/form-close-validate.ftl"
/>
-<#if parameters.focusElement??>
+<#include
"/${attributes.templateDir}/${attributes.expandTheme}/control-close.ftl" />
+<#include "/${attributes.templateDir}/simple/form-close.ftl" />
+<#include
"/${attributes.templateDir}/${attributes.expandTheme}/form-close-validate.ftl"
/>
+<#if attributes.focusElement??>
<@s.script>
StrutsUtils.addOnLoad(function() {
- var element =
document.getElementById("${parameters.focusElement?js_string}");
+ var element =
document.getElementById("${attributes.focusElement?js_string}");
if(element) {
element.focus();
}
@@ -564,17 +564,17 @@ to <code class="language-plaintext
highlighter-rouge">true</code>, enable <a hre
* under the License.
*/
-->
-<#include
"/${parameters.templateDir}/${parameters.expandTheme}/form-validate.ftl" />
-<#include
"/${parameters.templateDir}/${parameters.expandTheme}/form-common.ftl" />
-<#if (parameters.validate!false)>
- onreset="<#outputformat
'JavaScript'>${parameters.onreset!'clearErrorMessages(this);clearErrorLabels(this);'}</#outputformat>"
+<#include
"/${attributes.templateDir}/${attributes.expandTheme}/form-validate.ftl" />
+<#include
"/${attributes.templateDir}/${attributes.expandTheme}/form-common.ftl" />
+<#if (attributes.validate!false)>
+ onreset="<#outputformat
'JavaScript'>${attributes.onreset!'clearErrorMessages(this);clearErrorLabels(this);'}</#outputformat>"
<#else>
- <#if parameters.onreset??>
- onreset="<#outputformat
'JavaScript'>${parameters.onreset}</#outputformat>"
+ <#if attributes.onreset??>
+ onreset="<#outputformat
'JavaScript'>${attributes.onreset}</#outputformat>"
</#if>
</#if>
>
-<#include
"/${parameters.templateDir}/${parameters.expandTheme}/control.ftl"
/></code></pre></figure>
+<#include
"/${attributes.templateDir}/${attributes.expandTheme}/control.ftl"
/></code></pre></figure>
<p>The closing template, <strong>form-close.ftl</strong>:</p>
@@ -598,13 +598,13 @@ to <code class="language-plaintext
highlighter-rouge">true</code>, enable <a hre
* under the License.
*/
-->
-<#include
"/${parameters.templateDir}/${parameters.expandTheme}/control-close.ftl" />
-<#include "/${parameters.templateDir}/simple/form-close.ftl" />
-<#include
"/${parameters.templateDir}/${parameters.expandTheme}/form-close-validate.ftl"
/>
-<#if parameters.focusElement??>
+<#include
"/${attributes.templateDir}/${attributes.expandTheme}/control-close.ftl" />
+<#include "/${attributes.templateDir}/simple/form-close.ftl" />
+<#include
"/${attributes.templateDir}/${attributes.expandTheme}/form-close-validate.ftl"
/>
+<#if attributes.focusElement??>
<@s.script>
StrutsUtils.addOnLoad(function() {
- var element =
document.getElementById("${parameters.focusElement?js_string}");
+ var element =
document.getElementById("${attributes.focusElement?js_string}");
if(element) {
element.focus();
}
