[jboss-jira] [JBoss JIRA] (WFLY-5542) Look into using apache's upstream JSTL
Radim Hatlapatka (JIRA)
issues at jboss.org
Tue Oct 11 11:13:00 EDT 2016
[ https://issues.jboss.org/browse/WFLY-5542?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13305666#comment-13305666 ]
Radim Hatlapatka commented on WFLY-5542:
----------------------------------------
I agree with [~ctomc] that it is better to use secure by default. I believe to achieve some behavior you might need to set secure to false (operation which are not by default safe). Those features required user to know what he is doing as he can be more easily exposed to some attacks (I believe allowing to use some external includes or something similar). I am OK with this change, if such use case is found valid, it can be easily solved by adding system property allowing to switch the secure to false.
> Look into using apache's upstream JSTL
> --------------------------------------
>
> Key: WFLY-5542
> URL: https://issues.jboss.org/browse/WFLY-5542
> Project: WildFly
> Issue Type: Task
> Components: EE, Web (Undertow)
> Affects Versions: 10.0.0.CR2
> Reporter: Tomaz Cerar
> Assignee: Tomaz Cerar
>
> We are now using forked combination of apache & java.net's version of JSTL.
> We should look into using upstream version if possible.
--
This message was sent by Atlassian JIRA
(v6.4.11#64026)
More information about the jboss-jira
mailing list