Description of problem: CVE-2016-6348 RESTEasy: Use of JacksonJsonpInterceptor in RESTEasy can lead to Cross Site Script Inclusion attack. In EAP 7.1+, setting the system property "resteasy.jsonp.enable" to false will disable Jackson2JsonpInterceptor and it will just proceed to the next interceptor. Back-port this capability in EAP 6.4.
In the upstream this interceptor can already be disabled, i.e. no upstream required. @Brad, can you set requires_doc_text+? I can't. @Chao, can you provide doc text?
Regression tests passed Verified with EAP 6.4.22.CP.CR1