struts-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Musachy Barroso" <>
Subject OGNL and parameters
Date Wed, 16 Jul 2008 17:56:16 GMT
Should we continue to use OGNL for parameter binding? This creates so
many possible security holes, in exchange for pretty much nothing,
when parameter names should be simple (indexing + the old A.B.C

Are there any uses cases where the full OGNL power is needed, for
parameter binding?


"Hey you! Would you help me to carry the stone?" Pink Floyd

To unsubscribe, e-mail:
For additional commands, e-mail:

View raw message