Return-Path: Delivered-To: apmail-struts-commits-archive@locus.apache.org Received: (qmail 6345 invoked from network); 16 Jul 2008 06:38:20 -0000 Received: from hermes.apache.org (HELO mail.apache.org) (140.211.11.2) by minotaur.apache.org with SMTP; 16 Jul 2008 06:38:20 -0000 Received: (qmail 27883 invoked by uid 500); 16 Jul 2008 06:38:17 -0000 Delivered-To: apmail-struts-commits-archive@struts.apache.org Received: (qmail 27851 invoked by uid 500); 16 Jul 2008 06:38:17 -0000 Mailing-List: contact commits-help@struts.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Reply-To: dev@struts.apache.org Delivered-To: mailing list commits@struts.apache.org Received: (qmail 27840 invoked by uid 99); 16 Jul 2008 06:38:17 -0000 Received: from athena.apache.org (HELO athena.apache.org) (140.211.11.136) by apache.org (qpsmtpd/0.29) with ESMTP; Tue, 15 Jul 2008 23:38:17 -0700 X-ASF-Spam-Status: No, hits=-2000.0 required=10.0 tests=ALL_TRUSTED X-Spam-Check-By: apache.org Received: from [140.211.11.4] (HELO eris.apache.org) (140.211.11.4) by apache.org (qpsmtpd/0.29) with ESMTP; Wed, 16 Jul 2008 06:37:32 +0000 Received: by eris.apache.org (Postfix, from userid 65534) id B65C12388A03; Tue, 15 Jul 2008 23:37:56 -0700 (PDT) Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit Subject: svn commit: r677170 - /struts/site/src/site/xdoc/index.xml Date: Wed, 16 Jul 2008 06:37:56 -0000 To: commits@struts.apache.org From: rgielen@apache.org X-Mailer: svnmailer-1.0.8 Message-Id: <20080716063756.B65C12388A03@eris.apache.org> X-Virus-Checked: Checked by ClamAV on apache.org Author: rgielen Date: Tue Jul 15 23:37:56 2008 New Revision: 677170 URL: http://svn.apache.org/viewvc?rev=677170&view=rev Log: typo fix Modified: struts/site/src/site/xdoc/index.xml Modified: struts/site/src/site/xdoc/index.xml URL: http://svn.apache.org/viewvc/struts/site/src/site/xdoc/index.xml?rev=677170&r1=677169&r2=677170&view=diff ============================================================================== --- struts/site/src/site/xdoc/index.xml (original) +++ struts/site/src/site/xdoc/index.xml Tue Jul 15 23:37:56 2008 @@ -97,7 +97,7 @@ the filtering mechanism implemeted in XWork's ParametersInterceptor to fix the described security issue does not completely avoid any possible malicious parameter name. Possible Workaround:
    -
  • apply the following exclude rule to your parameter interceptor refs in struts.xml to avoid the usage of backslash charater in parameter names +
  • apply the following exclude rule to your parameter interceptor refs in struts.xml to avoid the usage of backslash characters in parameter names 
     <interceptor-ref name="params">
     <param name="excludeParams">.*\\.*</param>