[owasp-intrinsic-security] Struts Autocomplete

Arshan Dabirsiaghi arshan.dabirsiaghi at aspectsecurity.com
Mon Oct 6 11:58:59 EDT 2008


Seems arbitrary - browser support > spec.

________________________________

From: owasp-intrinsic-security-bounces at lists.owasp.org on behalf of Jim Manico
Sent: Fri 10/3/2008 11:51 PM
To: owasp-intrinsic-security at lists.owasp.org
Subject: [owasp-intrinsic-security] Struts Autocomplete



Per https://issues.apache.org/struts/browse/STR-2810

 

Struts 1.3 is not allowing authcomplete as a tag within a form element - but only if in xHTML mode.

 

I guess autocomplete is allowed in 4.01 transitional or below for struts 1.3 tags...

 

What do you think?

 

 

 

 

 

Jim Manico, Senior Application Security Engineer

jim.manico at aspectsecurity.com <mailto:jim.manico at aspectsecurity.com> 

(301) 604-4882 (work) 

(808) 652-3805 (cell) 

 

Aspect Security(tm)

Securing your applications at the source <http://www.aspectsecurity.com/aboutaspect.htm> 

http://www.aspectsecurity.com <http://www.aspectsecurity.com/> 

 

 

 

 

-------------- next part --------------
An HTML attachment was scrubbed...
URL: https://lists.owasp.org/pipermail/owasp-intrinsic-security/attachments/20081006/ba46f1a4/attachment.html 


More information about the owasp-intrinsic-security mailing list