Re: 7.0.59 to 7.0.99 upgrade, CVE-2015-5174 fix prevents us from accessing resources outside context

2020-02-04 Thread Alex Pritchard
y annotation to: @Result(name = BaseAction.REDIRECT_TO_NON_STRUTS2, location = "%{url}", params = {"location", "%{url}"}) Really appreciate all the info you provided. Definitely helped me track down exactly what was going on. Alex On Tue, Feb 4, 2020 at 3:52 AM Mark

Re: 7.0.59 to 7.0.99 upgrade, CVE-2015-5174 fix prevents us from accessing resources outside context

2020-02-03 Thread Alex Pritchard
o with that information though. There doesn't appear to be any configurable behavior here. Alex On Fri, Jan 31, 2020 at 10:28 AM Mark Thomas wrote: > On 30/01/2020 21:38, Alex Pritchard wrote: > > Totally possible. I tried modifying \conf\context.xml, using both > > useRelative

Re: 7.0.59 to 7.0.99 upgrade, CVE-2015-5174 fix prevents us from accessing resources outside context

2020-01-30 Thread Alex Pritchard
Jan 30, 2020 at 3:07 PM Mark Thomas wrote: > On 30/01/2020 19:53, Alex Pritchard wrote: > > Thanks for the response! > > > > I think you're right about identifying the wrong cause. I searched my > > way through the apache versions and isolated 7.0.79 as being the f

Re: 7.0.59 to 7.0.99 upgrade, CVE-2015-5174 fix prevents us from accessing resources outside context

2020-01-30 Thread Alex Pritchard
ced in 7.0.67)? Mark On Thu, Jan 30, 2020 at 12:41 PM Alex Pritchard wrote: > Hi, > > Trying to drag a legacy app forward and running into a breaking change > based on the fact that we're using struts2 to serve some JSPs from a > directory outside our context root by ta

7.0.59 to 7.0.99 upgrade, CVE-2015-5174 fix prevents us from accessing resources outside context

2020-01-30 Thread Alex Pritchard
Hi, Trying to drag a legacy app forward and running into a breaking change based on the fact that we're using struts2 to serve some JSPs from a directory outside our context root by taking advantage of the now-patched directory traversal exploit. Essentially the action class is returning @Result(