[ https://issues.apache.org/jira/browse/WICKET-877?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Matej Knopp reassigned WICKET-877: ---------------------------------- Assignee: Johan Compagner > stateless page + form + bookmark = trouble > ------------------------------------------ > > Key: WICKET-877 > URL: https://issues.apache.org/jira/browse/WICKET-877 > Project: Wicket > Issue Type: Bug > Components: wicket > Reporter: Peter Ertl > Assignee: Johan Compagner > > I have a stateless login page for the application (using > HybridUrlCodingStrategy): > url_1 = http://localhost/login > When I press the login button of the username + password form the form data > will be sent using HTTP POST: > url_2 = > http://localhost/login/wicket:interface/%3A0%3AnavigationContrib%3Aform%3A%3AIFormSubmitListener%3A%3A/ > Unfortunately, if somebody bookmarks url_2 (which is stupid as we java dudes > all know, but it _will_ happen because average users don't know better) the > form submit listener will be invoked using HTTP GET and having no form > parameters. *imho* bookmarks should be possible in a professional application > at all time. > This, of course, will result in an ugly error message and unexpected > application behavior and empty form fields and stuff. That's *btw* why I > declare this request a bug and not a feature / enhancement. > I think it would be cool to have Form#onInvalidSubmit() to handle this kind > of stuff (it won't happen on stateful pages with redirect after post > enabled). So, for example, the application could just reload to the login > page. > detection is easy... here my suggestion: > ------------------------------------------------------ > class org.apache.wicket.markup.html.form.Form: > public final void onFormSubmitted() // line 746 > { > final String method = ((WebRequest) > getRequest()).getHttpServletRequest().getMethod(); > if (method.equalsIgnoreCase(this.getMethod()) == false) > this.onInvalidSubmit(); > // ... > } > // override (optional) > protected onInvalidSubmit() {} > ------------------------------ > in my case I would just do this: > @Override > protected onInvalidSubmit() > { > this.setRedirect(true); > throw new RestartResponseException(getPage().getClass()); > } > This would probably be a good default behavior for StatelessForm.... > I consider this change useful enough to be part of wicket core. > What you guys think? -- This message is automatically generated by JIRA. - You can reply to this email to add a comment to the issue online.