struts with different file extensions

Question

struts with different file extensions

summitt opened this issue 8 years ago · 2 comments

Hey, while scanning a struts app it was not picking up issues that should have been identified. While looking though the code i realized it only triggers on the common file extensions like .do and .action. These extensions are often customized for the organization. I manually updated the code to add the extensions that we use but it would be great if this could be configurable or even allowed to scan regardless of the file extension. For instance you don't even need to put a file extension on struts like www.example.com/test.action and www.example.com/test will work the same.

Answer 1 · 2016-04-29T14:18:40.000Z

Thank you for your feedback.

The fix will be pushed with a major version bump of the whole project in the next days.

Answer 2 · 2016-05-29T08:33:24.000Z

Release 1.2.5 fixes the issue. Thanks for reporting.