*sigh*
I confused the s:form method attribute and used it to specify the method to
call on the action, not the HTTP form submit method. Everything's working
now. Definitely not my brightest moment.
Thanks a bunch,
GB
Laurie Harper wrote:
Guillaume Bilodeau wrote:
Hi guys,
I'm using Struts 2.0.11 for a standard web application and using
annotations
all the way. I have the following action, with some fields and getters /
setters omitted for brevity:
@ParentPackage(default)
@Results( {
@Result(name = input, type = ServletDispatcherResult.class,
value =
/views/users/changePassword.jsp),
@Result(type = ServletActionRedirectResult.class, value =
workbench,
params = {
namespace, /workbench, parse, true,
actionMessageKey,
${actionMessageKey} }) })
@Validation
public class ChangePasswordAction extends ActionSupport {
@Override
@Validations(requiredStrings = {
@RequiredStringValidator(fieldName = currentPassword,
message = ,
key
= users.changePassword.currentPassword.invalid),
@RequiredStringValidator(fieldName = newPassword1,
message = , key
=
users.changePassword.newPassword.invalid),
@RequiredStringValidator(fieldName = newPassword2,
message = , key
=
users.changePassword.newPassword.invalid) }, expressions = {
@ExpressionValidator(expression = newPassword1.equals(newPassword2),
message = , key = users.changePassword.mismatch) })
public String execute() {
String result = Action.INPUT;
try {
userService.changeUserPassword(getUser().getId(),
currentPassword,
newPassword1);
result = Action.SUCCESS;
}
catch (InvalidPasswordException e) {
addActionError(getText(users.changePassword.currentPassword.invalid));
}
return result;
}
}
The accompanying JSP, changePassword.jsp, contains a simple form with 3
fields (current, new, confirm new password) and a submit button.
When leaving all form fields and submitting the form, the validation
interceptor correctly executes, correctly identifies all validation
errors
and correctly executes the input result. The rendered page correctly
shows
the correct form with all expected error messages next to the
corresponding
fields. Basically, the whole request handling works as expected.
However,
the browser's address bar now shows the following:
http://localhost:8080/healthcheck/users/changePassword.go?currentPassword=newPassword1=newPassword2=general.submit=Submit
The URL contains all failed parameters with their values in clear text,
which is something I don't want. The behavior is the same when using an
empty result type for the input result.
1. Is there a way not to see these parameters in the final URL?
2. I don't see why these parameters need to be added to the URL when they
are clearly accessible to the JSP using the value stack. Surely there
must
be a good reason to this?
That's basic HTML/HTTP. You need to change your form to submit using the
POST method instead of GET. See the 'method' attribute of s:form.
L.
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
--
View this message in context:
http://www.nabble.com/Validation-result-URL-contains-failed-parameters-tp16624608p16633323.html
Sent from the Struts - User mailing list archive at Nabble.com.
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
