Deny Rule Group – (default) Object Graph Navigation Library injection

OGNL

  • Prevents OGNL injection in Apache Struts.

Included Deny Rules

Rule name

Basic

Standard

Strict

(default OGNL_001a) Object Graph Navigation Library (OGNL) injection (Apache Struts2) in parameter value

Icon - ON

Icon - ON

Icon - ON

(default OGNL_001b) Object Graph Navigation Library (OGNL) injection (Apache Struts2) in HTTP header value

Icon - ON

Icon - ON

Icon - ON

(default OGNL_001c) Object Graph Navigation Library (OGNL) injection (Apache Struts2) in path

Icon - ON

Icon - ON

Icon - ON