[owasp-intrinsic-security] Struts Autocomplete

Arshan Dabirsiaghi arshan.dabirsiaghi at aspectsecurity.com
Mon Oct 6 11:58:59 EDT 2008

Seems arbitrary - browser support > spec.


From: owasp-intrinsic-security-bounces at lists.owasp.org on behalf of Jim Manico
Sent: Fri 10/3/2008 11:51 PM
To: owasp-intrinsic-security at lists.owasp.org
Subject: [owasp-intrinsic-security] Struts Autocomplete

Per https://issues.apache.org/struts/browse/STR-2810


Struts 1.3 is not allowing authcomplete as a tag within a form element - but only if in xHTML mode.


I guess autocomplete is allowed in 4.01 transitional or below for struts 1.3 tags...


What do you think?






Jim Manico, Senior Application Security Engineer

jim.manico at aspectsecurity.com <mailto:jim.manico at aspectsecurity.com> 

(301) 604-4882 (work) 

(808) 652-3805 (cell) 


Aspect Security(tm)

Securing your applications at the source <http://www.aspectsecurity.com/aboutaspect.htm> 

http://www.aspectsecurity.com <http://www.aspectsecurity.com/> 





-------------- next part --------------
An HTML attachment was scrubbed...
URL: https://lists.owasp.org/pipermail/owasp-intrinsic-security/attachments/20081006/ba46f1a4/attachment.html 

More information about the owasp-intrinsic-security mailing list