Versions Compared

Old Version 16

changes.mady.by.user Lukasz Lenart

Saved on

compared with

New Version 17

changes.mady.by.user Lukasz Lenart

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

(tick) These are the notes for the Struts 2.3.19 20 distribution.

(tick) For prior notes in this release series, see Version Notes 2.3.16.1

...

Code Block
xml
titleMaven Dependency
xml
<dependency>
  <groupId>org.apache.struts</groupId>
  <artifactId>struts2-core</artifactId>
  <version>2.3.19<20</version>
</dependency>

You can also use Struts Archetype Catalog like below

...

Code Block
xml
titleStaging Repository
xml
<repositories>
  <repository>
    <id>apache.nexus</id>
    <name>ASF Nexus Staging</name>
    <url>https://repository.apache.org/content/groups/staging/</url>
  </repository>
</repositories>

Internal Changes

  • (warning) Merged security fixes from version 2.3.16.1, 2.3.16.2, 2.3.16.3
  • (warning) Extended existing security mechanism to block access to given Java packages and Classes, see #11 or read Internal security mechanism
  • Collection Parameters for RedirectResults, WW-4224
  • Make ParametersInterceptor supports chinese in hash key by default, WW-4250
  • themes.properties can be loaded using ServletContext allows to put template folder under WEB-INF or on classpath, WW-4260
  • New tag datetextfield, WW-3493
  • Only valid Ognl expressions are cached, WW-4146
  • CustomTextProvider can be used for validation errors of model driven actions, WW-4202
  • datetimepicker's label fixed, WW-4254
  • PropertiesJudge removed and properties are checked in SecurityMemberAccess, WW-4257
  • resource reloading works in IBM JVM, WW-4266
  • default reloading settings were removed from default.properties, WW-4267
  • (warning) commons-fileupload library upgraded to version 1.3.1 to fix potential security vulnerability, WW-4286
  • The scheme attribute accepts expressions in s:url tag, WW-4024
  • Solves problem with infinite loop in FastByteArrayOutputStream, WW-4383
  • LocalizedTextUtil supports many ClassLoaders, WW-4379
  • Bill of Materials pom was introduced, WW-4326
  • debug=browser|console was migrated to jQuery, WW-4322
  • struts_dojo.js was fixed, WW-4349
  • interface org/apache/struts2/views/TagLibrary was restored and marked as @Depreacted, WW-4255
  • and many other small improvements, please see the release notes

...

Note

Please read information about new internal security mechanism introduced with this version, it can have impact on your application!

 

Issue Detail

Issue List

Other resources

...