include::../summary.adoc[]

== Why is this an issue?

include::../rationale.adoc[]

include::../impact.adoc[]

include::../threats.adoc[]

== How to fix it?

include::how-to-fix-it/jsp.adoc[]

include::how-to-fix-it/servlet.adoc[]

include::how-to-fix-it/spring.adoc[]

include::how-to-fix-it/thymeleaf.adoc[]

== Resources

=== Documentation

* https://spring.io/guides/gs/securing-web/[Spring.io, Securing a Web Application]

include::../common/resources/articles.adoc[]

include::../common/resources/presentations.adoc[]

include::../common/resources/standards.adoc[]


ifdef::env-github,rspecator-view[]

'''
== Implementation Specification
(visible only on this page)

include::../message.adoc[]

include::../highlighting.adoc[]

'''
== Comments And Links
(visible only on this page)

include::../comments-and-links.adoc[]
endif::env-github,rspecator-view[]