struts-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Ing. Andrea Vettori" <m...@andreavettori.com>
Subject Re: Preventing OGNL evaluations of user input (was Re: Struts 2 performance)
Date Mon, 16 Jul 2007 14:48:02 GMT

Il giorno 16/lug/07, alle ore 16:46, Antonio Petrelli ha scritto:

> 2007/7/16, Ing. Andrea Vettori <mail@andreavettori.com>:
>>
>> I suggested the value can be parametrized so if one
>> known he use complex expression can use a higher value. (b) is solved
>> using loopCount=1 by default when dealing with user input.
>
>
>
> OK! Thank you I think I got the point.
> So you are saying that, with loopCount=1, the evaluation step stops at
> evaluating the string as it is, right?

ok !

Now we should only understand what to do with expression like "%{foo}  
%{bar}" that has more than one expression at the "same" recursion level.


--
Ing. Andrea Vettori
Consulente per l'Information Technology



---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@struts.apache.org
For additional commands, e-mail: dev-help@struts.apache.org


Mime
View raw message