ddekany
ddekany
If you haven't, please read this first: https://freemarker.apache.org/docs/app_faq.html#faq_template_uploading_security As you see, if you can't trust template authors (which is not the situation FreeMarker was originally designed for - think about...
Just to restate the problem. Official FreeMarker does have features to disable these on the level of the `Configuration` object. Your problem is that sometimes you don't have control over...
Depends on what kind of values you have in that `HashMap`. If they are maps/lists/strings/number/boolean/dates, then it should be safe as far as the model is concerned. (Normally, if you...
To be safe by default in use cases where template authors aren't trusted, the default object wrapper had to be extremely restrictive. You wouldn't be able to access anything but...
Only the legal part... Do you have a CLA at Apache?
Thanks, I managed to check that the ICLA was indeed submitted.
Also this happens quite often, and to make it worse, when Ctrl+z deletes the bottom of all the frames, not even Ctrl+y (redo) will bring it back. To consistently trigger...
Can we close this, or there's more to it? Note that [2.3.30](https://freemarker.apache.org/docs/versions_2_3_30.html) has added `MemberAccessPolicy`-es, which are very useful for restricting what templates can do.
Closing this due to no further follow up.
Yeah, there's no HTML highlighting in it. I think the architecture of this plugin won't allow reusing the existing HTML editor functionality in Eclipse (like in WTP). Clicking... I don't...