Hi,
I'm integrating an application which uses URL fragments (URL part after
a #) to store state, I believe this is reasonably common practice.
The problem is that the fragment is not passed to the server, it's
client side only so if it's part of a CAS protected URL then it will be
lost during the log in process.
What saves the situation is that browsers now preserve the # on redirect
so the # reappears on the login page.
I think inserting the following javascript (# is only visible to the js)
on the log in page fixes this problem.
<script type="text/javascript">
window.onload = function () {
if (location.hash) {
var s = document.getElementById("fm1");
var action = s.getAttribute("action");
s.setAttribute("action", action + location.hash);
}
}
</script>
The hash will never be seen server side.
Cheers,
Ian
--
You are currently subscribed to [email protected] as:
[email protected]
To unsubscribe, change settings or access archives, see
http://www.ja-sig.org/wiki/display/JSG/cas-dev
