https://bz.apache.org/bugzilla/show_bug.cgi?id=57773
--- Comment #5 from Woonsan Ko <woon_...@yahoo.com> --- Hi @markt and @donnchadh, How about introducing a whitelist filter attribute in context configuration? e.g, elStaticAccessFilter="^[a-z].*$". Like containerSciFilter attribute, it can be set to a regular expression specifying which static access expression should be filtered out in class lookup step. Considering the concerns (spec not giving enough choices, caching approach is too impactful, etc.), this solution might be effective in practice, avoiding potential issues. When upgrading to tomcat8, people should validate/update a lot of JSP files or meet a big performance degrade as reported here. To avoid this costly situation or performance issue, if we support that simple static accessor filter attribute in context configuration, most issues should be covered I believe. People tend to use attribute name in camel case, and static access expression should be in pascal case in most cases. So the filter expression above could solve problems in most cases if set optionally by the users. Kind regards, Woonsan -- You are receiving this mail because: You are the assignee for the bug. --------------------------------------------------------------------- To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
