<scriptlet-invalid> tag

Hi,

I have put in the DD the following:

<?xml version="1.0" encoding="UTF-8"?>
<web-app xmlns="http://java.sun.com/xml/ns/j2ee" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://java.sun.com/xml/ns/j2ee/web-app_2_4.xsd" version="2.4">

<welcome-file-list>
<welcome-file>index.html</welcome-file>
</welcome-file-list>

<jsp-config>
<jsp-property-group>
<url-pattern>*.jsp</url-pattern>
<scriptlet-invalid>true</scriptlet-invalid>
</jsp-property-group>
</jsp-config>

</web-app>

I tried this jsp below named index.jsp located under context root,

<html>
<body>
10 x 5 = ${10 * 5} <br>
2 * 3 = <%= 2 * 3 %> <br>
</body>
</html>

The weird part is that it gives an output of

10 x 5 = 50
2 * 3 = 6

It seems that the jsp expression has been evaluated...
This should not work right? As I have stated in the DD that scripting is invalid... Am I missing something here?

Hi bao, welcome to javaranch.

Please Use Code Tags when you post a source code. You can edit your message using button and then add code tags to it.

What container are you using (like Tomcat 5.5 or something else).

(This question seems an exact duplicate of this thread)...

Hello Bao, Welcome to Java Ranch,

Use

<scripting-invalid>
true
</scripting-invalid>

insted of

<scriptlet-invalid>
true
</scriptlet-invalid>

in web.xml

thanks a lot~