Re: pass parameters to action
Vinny- with method=GET I hear IE has a limit of 2k M-- This email message and any files transmitted with it contain confidential information intended only for the person(s) to whom this email message is addressed. If you have received this email message in error, please notify the sender immediately by telephone or email and destroy the original message without making a copy. Thank you. - Original Message - From: "Vinny" <[EMAIL PROTECTED]> To: "Struts Users Mailing List" Sent: Friday, September 07, 2007 5:56 PM Subject: Re: pass parameters to action I do. On 9/7/07, Christopher Schultz <[EMAIL PROTECTED]> wrote: Who really cares whether the URL is long or not? - -chris -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.7 (MingW32) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFG4Zmw9CaO5/Lv0PARAr4EAKCFB9CJZccMxljz4IrhQ6nWCtPSVQCgtUC+ MHldLlFSB5zFJpvAFXu25eE= =7p8q -END PGP SIGNATURE- - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] -- The Street Programmer http://streetprogrammer.com - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: pass parameters to action
--- Vinny <[EMAIL PROTECTED]> wrote: > I do. Not reddit; no upmods for short, content-free posts. Oh, wait. Curses. d. - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: pass parameters to action
I do. On 9/7/07, Christopher Schultz <[EMAIL PROTECTED]> wrote: > > Who really cares whether the URL is long or not? > > - -chris > -BEGIN PGP SIGNATURE- > Version: GnuPG v1.4.7 (MingW32) > Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org > > iD8DBQFG4Zmw9CaO5/Lv0PARAr4EAKCFB9CJZccMxljz4IrhQ6nWCtPSVQCgtUC+ > MHldLlFSB5zFJpvAFXu25eE= > =7p8q > -END PGP SIGNATURE- > > - > To unsubscribe, e-mail: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] > > -- The Street Programmer http://streetprogrammer.com
Re: pass parameters to action
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Rod, Rod Bollinger wrote: > There is nothing wrong with Javascript in general - when used judiciously. > > The problem with Javascript (in this particular situation) is that if > Javascript is disabled or unavailable for any reason, the user will not be > able to submit the request - this is a major accessibility no-no. While I totally agree, this goes far beyond accessibility. The reasons not to use javascript to drive anything are many, but mostly because browser support cannot be relied upon: maybe there's a bug (or "feature"... thanks MSIE) or the user has javascript turned off. The worst is when I had Adblock removing all of the advertising from Yahoo! mail. When they upgraded their service to compete (poorly, I might add) with gmail, everything stopped working. Since they had relied 100% on javascript, and Adblock was filtering-out the
Re: pass parameters to action
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Chris, Chris Pratt wrote: > On 9/7/07, Dave Newton <[EMAIL PROTECTED]> wrote: >> --- Christopher Schultz wrote: >>> Who really cares whether the URL is long or not? >> >> People who have a URL longer than some browsers will >> accept? > > Also, it is sometimes considered a security risk to have certain > information displayed in the URL bar for all to see. Anything you don't want the user to see and/or modify shouldn't be sent by the browser. If you need secure state-carrying information to go from the server back to the client and back to the server, then encrypt it. If you're going that far, compress it and encrypt it, and you'll have a smaller URL ;) Switching from GET to POST solves only one potential security issue: POST bodies are rarely written to log files while GETs almost always are. > I don't make a practice of using this code myself unless it's > absolutely necessary (which is rare), but someone on the list had a > need for information I had available, so I provided it! I think your response would have been more useful had it contained the reasons why you don't normally use this type of code. - -chris -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.7 (MingW32) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFG4cQN9CaO5/Lv0PARAuyXAKCFl5JLEDwm840k64mVSShPlK0qkwCeMktq mbLK1Im2wcqlcJxC2nWzF7U= =71RY -END PGP SIGNATURE- - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: pass parameters to action
I have to use post for security reasons, and to be able to pass all of the information in the hidden fields(too long, some fields are upto 500 char). Thank you for your help. On 9/7/07, Rod Bollinger <[EMAIL PROTECTED]> wrote: > > There is nothing wrong with Javascript in general - when used judiciously. > > The problem with Javascript (in this particular situation) is that if > Javascript is disabled or unavailable for any reason, the user will not be > able to submit the request - this is a major accessibility no-no. > > IIRC the OP was interested not because the the URL was too long but to > hide > the information being sent - potentially a security issue - hence the POST > suggestion initially. > > -Rod > > -Original Message- > From: Slattery, Tim - BLS [mailto:[EMAIL PROTECTED] > Sent: Friday, September 07, 2007 14:42 > To: Struts Users Mailing List > Subject: RE: pass parameters to action > > > > > > > Submit the form > > > > Oh, the humanity! > > > > Seriously, I hate seeing this kind of code. First of all, it > > requires javascript. > > What's wrong with javascript? > > > Second, it merely converts a GET request into a POST request. > > Who really cares whether the URL is long or not? > > OP did. That was the point of her original post. > > And it can be important if you're trying to control how your user steps > through your application. > > > -- > Tim Slattery > [EMAIL PROTECTED] > > > - > To unsubscribe, e-mail: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] > > > > > - > To unsubscribe, e-mail: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] > > -- Anna Simbirtsev (416) 729-7331
Re: pass parameters to action
On 9/7/07, Rod Bollinger <[EMAIL PROTECTED]> wrote: > The problem with Javascript (in this particular situation) is that if > Javascript is disabled or unavailable for any reason, the user will not be > able to submit the request - this is a major accessibility no-no. Rod: That is a valid point, so maybe changing the anchor tag to something like: Submit would serve both purposes. When JavaScript is available it would submit the form, when JavaScript is not available the regular GET request would be used. Leonidas: I wasn't saying this is the way all requests should be submitted, this would only be used when you wouldn't want someone to be able to bookmark (or email) a page, or when bookmarking the page isn't a major concern. (*Chris*) - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
RE: pass parameters to action
There is nothing wrong with Javascript in general - when used judiciously. The problem with Javascript (in this particular situation) is that if Javascript is disabled or unavailable for any reason, the user will not be able to submit the request - this is a major accessibility no-no. IIRC the OP was interested not because the the URL was too long but to hide the information being sent - potentially a security issue - hence the POST suggestion initially. -Rod -Original Message- From: Slattery, Tim - BLS [mailto:[EMAIL PROTECTED] Sent: Friday, September 07, 2007 14:42 To: Struts Users Mailing List Subject: RE: pass parameters to action > > > > Submit the form > > Oh, the humanity! > > Seriously, I hate seeing this kind of code. First of all, it > requires javascript. What's wrong with javascript? > Second, it merely converts a GET request into a POST request. > Who really cares whether the URL is long or not? OP did. That was the point of her original post. And it can be important if you're trying to control how your user steps through your application. -- Tim Slattery [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: pass parameters to action
Sometimes the get method is necessary though. If you set your parameters to hidden fields, then the url will be like myjob.action. If the visitor would copy and paste this url and send it via skype to a friend, then they will not get the same result This might be bad i.e. when viewing a product or getting results via a query ... Leon Chris Pratt wrote: On 9/7/07, Dave Newton <[EMAIL PROTECTED]> wrote: --- Christopher Schultz wrote: Who really cares whether the URL is long or not? People who have a URL longer than some browsers will accept? Also, it is sometimes considered a security risk to have certain information displayed in the URL bar for all to see. I don't make a practice of using this code myself unless it's absolutely necessary (which is rare), but someone on the list had a need for information I had available, so I provided it! (*Chris*) - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: pass parameters to action
On 9/7/07, Dave Newton <[EMAIL PROTECTED]> wrote: > --- Christopher Schultz wrote: > > Who really cares whether the URL is long or not? > > People who have a URL longer than some browsers will > accept? > Also, it is sometimes considered a security risk to have certain information displayed in the URL bar for all to see. I don't make a practice of using this code myself unless it's absolutely necessary (which is rare), but someone on the list had a need for information I had available, so I provided it! (*Chris*) - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
RE: pass parameters to action
> > > > Submit the form > > Oh, the humanity! > > Seriously, I hate seeing this kind of code. First of all, it > requires javascript. What's wrong with javascript? > Second, it merely converts a GET request into a POST request. > Who really cares whether the URL is long or not? OP did. That was the point of her original post. And it can be important if you're trying to control how your user steps through your application. -- Tim Slattery [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: pass parameters to action
--- Christopher Schultz wrote: > Who really cares whether the URL is long or not? People who have a URL longer than some browsers will accept? d. - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: pass parameters to action
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Chris, Chris Pratt wrote: > Create a form with only hidden parameters (you could use the > and tags instead): > > > > > > Then in your link use: > > Submit the form Oh, the humanity! Seriously, I hate seeing this kind of code. First of all, it requires javascript. Second, it merely converts a GET request into a POST request. Who really cares whether the URL is long or not? - -chris -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.7 (MingW32) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFG4Zmw9CaO5/Lv0PARAr4EAKCFB9CJZccMxljz4IrhQ6nWCtPSVQCgtUC+ MHldLlFSB5zFJpvAFXu25eE= =7p8q -END PGP SIGNATURE- - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: pass parameters to action
On 9/7/07, Anna Simbirtsev <[EMAIL PROTECTED]> wrote: > How do I do it? > Create a form with only hidden parameters (you could use the and tags instead): Then in your link use: Submit the form (*Chris*) - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: pass parameters to action
How do I do it? On 9/7/07, Rick Reumann <[EMAIL PROTECTED]> wrote: > > On 9/7/07, Anna Simbirtsev <[EMAIL PROTECTED]> wrote: > > > > Hello > > I have a link > paramName="map">Name and when a user clicks on it, it calls > > action myAction and passes parameters using HashMap. Those parameters > are > > visible in the URL. Is there any way to pass parameters to the action > > other > > than through URL? > > > If you wanted you could populate a form on the page, possibly with just > hidden values and then have your link submit that form. > > -- > Rick > -- Anna Simbirtsev (416) 729-7331
Re: pass parameters to action
On 9/7/07, Anna Simbirtsev <[EMAIL PROTECTED]> wrote: > > Hello > I have a link paramName="map">Name and when a user clicks on it, it calls > action myAction and passes parameters using HashMap. Those parameters are > visible in the URL. Is there any way to pass parameters to the action > other > than through URL? If you wanted you could populate a form on the page, possibly with just hidden values and then have your link submit that form. -- Rick
Re: pass parameters to action
If you are using Struts2, I believe you can take advantage of the ParametersInterceptor for that. With that interceptor in place, you can access your parameters in the action by simply implementing getters and setters on the action. Read about it here http://www.infoq.com/articles/migrating-struts-2-part2 http://www.infoq.com/articles/migrating-struts-2-part2 or search the forums/google. Anna Simbirtsev wrote: > > Hello > I have a link paramName="map">Name and when a user clicks on it, it calls > action myAction and passes parameters using HashMap. Those parameters are > visible in the URL. Is there any way to pass parameters to the action > other > than through URL? > > Thank you > > -- View this message in context: http://www.nabble.com/pass-parameters-to-action-tf4402086.html#a12558801 Sent from the Struts - User mailing list archive at Nabble.com. - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
RE: pass parameters to action
> I have a link paramName="map">Name and when a user clicks on > it, it calls action myAction and passes parameters using > HashMap. Those parameters are visible in the URL. Is there > any way to pass parameters to the action other than through URL? No, and it's not Strut's fault. If you want to hide the parameters, you need to use a form with method="post" (Strut's default value for method). Using a Struts "link" tag yields an HTML tag, which always generates a GET request. And with a GET, all parameters are part of the URL and appear in the browser's address line. -- Tim Slattery [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
pass parameters to action
Hello I have a link Name and when a user clicks on it, it calls action myAction and passes parameters using HashMap. Those parameters are visible in the URL. Is there any way to pass parameters to the action other than through URL? Thank you
