You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@struts.apache.org by fustaki <lo...@gmail.com> on 2012/08/07 12:36:18 UTC

Escapes HTML in actionName and chaining actions

Between versions 2.2.X and 2.3.X DefaultActionProxy started to apply
StringEscapeUtils.escapeHtml4() to actionName.

This drastic change of behavior affects applications that strongly use
wildcard-patterns to pass parameters through actionName (friendly URLs).

Surely unescaping values in setter method of such parameters fixes this
point but shouldn't be a way to switch on/off this feature via
configuration?

Alternatively how can create and inject my own ActionProxy ?

Thanks!




--
View this message in context: http://struts.1045723.n5.nabble.com/Escapes-HTML-in-actionName-and-chaining-actions-tp5710390.html
Sent from the Struts - Dev mailing list archive at Nabble.com.

---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@struts.apache.org
For additional commands, e-mail: dev-help@struts.apache.org

Re: Escapes HTML in actionName and chaining actions

Posted by Lukasz Lenart <lu...@apache.org>.

2012/8/7 fustaki <lo...@gmail.com>:
> Surely unescaping values in setter method of such parameters fixes this
> point but shouldn't be a way to switch on/off this feature via
> configuration?

Could be, please register an issue for that.

> Alternatively how can create and inject my own ActionProxy ?

You can create your own ActionProxyFactory and setup it to be used by
S2, take a look on the REST plugin

https://svn.apache.org/repos/asf/struts/struts2/trunk/plugins/rest/src/main/resources/struts-plugin.xml


Regards
-- 
Łukasz
+ 48 606 323 122 http://www.lenart.org.pl/

---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@struts.apache.org
For additional commands, e-mail: dev-help@struts.apache.org