You are viewing a plain text version of this content. The canonical link for it is here.

Posted to issues@commons.apache.org by GitBox <gi...@apache.org> on 2022/11/23 14:10:57 UTC

[GitHub] [commons-jxpath] ecki commented on pull request #26: Add an allow list for classes that can be loaded by JXPath

ecki commented on PR #26:
URL: https://github.com/apache/commons-jxpath/pull/26#issuecomment-1325129178

   Agreed, it needs to be documented. Either as a warning that it is not possible to have untrusted expressions or with a pointer to the filter mechanism discussed here. I will propose something.


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: issues-unsubscribe@commons.apache.org

For queries about this service, please contact Infrastructure at:
users@infra.apache.org