How are people handling struts 2.0 actions? We can set tainted callbacks on each action's execute method, but how can we help the analysis engine see that the properties may be tainted from the HttpRequest? Or that tainted data may be output through the HttpResponse likewise from the properties?
