This Confluence has been LDAP enabled, if you are an ASF Committer, please use your LDAP Credentials to login. Any problems file an INFRA jira ticket please.

Child pages
  • Version Notes 2.5.8

Versions Compared


  • This line was added.
  • This line was removed.
  • Formatting was changed.


  • (warning) Possible DoS attack when using URLValidator S2-044


  • [WW-2561] - Included XSL files' URI not being resolved for actions with result type="xslt"
  • [WW-3019] - ConcurrentModificationException using s:iterator (intermittent)
  • [WW-3170] - ObjectFactory reporting ERROR's when you attempt to set parameters on a Redirect result
  • [WW-3654] - Failed validation returns Action.NONE instead of Action.INPUT
  • [WW-3957] - Multiple concurrent AJAX requests can collide
  • [WW-3995] - please change reset.ftl so html id is not lost
  • [WW-4367] - preselect values in <s:optgroup>
  • [WW-4636] - File upload error message always in default language
  • [WW-4701] - Can no longer clear parameter on a <s:url> tag.
  • [WW-4702] - List based parameters no longer work when there is only one value.
  • [WW-4703] - NullPointerException in ActionSupport when use ModelDriven
  • [WW-4707] - Multiselect parameter behavior different between struts 2.5.5 and 2.5.1
  • [WW-4708] - struts2-archetype-blank not found for struts v2.5.5
  • [WW-4709] - Invalid field value for field "id"
  • [WW-4715] - Scope interceptor always resets because of org.apache.struts2.dispatcher.HttpParameters
  • [WW-4716] - HelloWorldTest throws NullPointerException
  • [WW-4718] - focusElement form attribute not working


  • [WW-2454] - TestNG dependency update from 5.1 to 5.3 + update to coupled maven plugin
  • [WW-4171] - getText methods are not documented as evaluating OGNL
  • [WW-4214] - Rename of struts token attribute name
  • [WW-4391] - FreemarkerResult should respect response.getCharacterEncoding()
  • [WW-4698] - Allow <constant/> value substitution in XML configuration
  • [WW-4704] - Upgrade to latest OGNL version
  • [WW-4705] - Add support for long type to <s:date> tag
  • [WW-4710] - Disallow access to HttpParameters.toMap
  • [WW-4711] - <s:text/> tag should not evaluate defaultMessage against a ValueStack by default
  • [WW-4712] - TextProviderHelper#getText() should perform cleaning of "defaultMessage"
  • [WW-4717] - Refactor file upload support to allow create virtual representation of
  • [WW-4719] - Move "DefaultClassFinder" into Convnention plugin
  • [WW-4720] - HttpParameters should behave like a Map
  • [WW-4721] - Add support for "roundingMode" in <s:number/> tag



This release contains fixes related to S2-044 security bulletin, please read it carefully!