RE: T5 5.0.15 possible bug with forms with context on secure pages?

2008-11-19 Thread Russell Brown 
 Still, this sounds like a potential problem, because the page will
not have been activated, so it's hard to expect it to passivate itself.
Does this mean I should raise a JIRA about this?

More importantly shouldn't a form on a https page have https as the
protocol in the action (that would solve the problem completely since
there would be no need to redirect and therefore no need to create an
onPassivate event to create a page render link)?

I'm not sure what your response means: are you acknowledging a bug in
the t:form component and the RequestSecurityManagerImpl and saying that
5.0.16 hides it a little so that there is no exception?

Cheers

Russell

-Original Message-
From: Howard Lewis Ship [mailto:[EMAIL PROTECTED] 
Sent: 18 November 2008 17:14
To: Tapestry users
Subject: Re: T5 5.0.15 possible bug with forms with context on secure
pages?

5.0.16 does not have the same problem with null/blank values and
should handle this better.  Still, this sounds like a potential
problem, because the page will not have been activated, so it's hard
to expect it to passivate itself.

On Tue, Nov 18, 2008 at 8:20 AM, Russell Brown [EMAIL PROTECTED]
wrote:
 Hi Again,

 Is this a bug or is it me? I have a page with the @Secure annotation.
I
 put a t:form with a context on the tml for the page.



 Problem 1: The action url is
 http://myhost:myport/MyPage.MyForm/MyContext.



 Which leads to problem 2. The RequestSecurityManagerImpl method
 checkForInsecureRequest(String) creates a page render link using the
 page but then throws an exception java.lang.RuntimeException: Context
 values (which are added to the request URL) may not be null or blank.



 I guess this is because the onPassivate() method for the containing
page
 is called and by now it's properties are null since we are in a new
 request...



 What is the correct way to get around this? Shouldn't the form just
 submit to https anyway since it is on an https page? And why does
 createPageRenderLink cause the exception to be thrown, do I have to
mark
 ALL fields that are used in onPassivate as @Persist? And what happens
to
 the forms context?



 Any answers to any of the above would be greatly appreciated.



 Cheers

 Russell





-- 
Howard M. Lewis Ship

Creator Apache Tapestry and Apache HiveMind

-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]


-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Re: T5 5.0.15 possible bug with forms with context on secure pages?

2008-11-18 Thread Howard Lewis Ship 
5.0.16 does not have the same problem with null/blank values and
should handle this better.  Still, this sounds like a potential
problem, because the page will not have been activated, so it's hard
to expect it to passivate itself.

On Tue, Nov 18, 2008 at 8:20 AM, Russell Brown [EMAIL PROTECTED] wrote:
 Hi Again,

 Is this a bug or is it me? I have a page with the @Secure annotation. I
 put a t:form with a context on the tml for the page.



 Problem 1: The action url is
 http://myhost:myport/MyPage.MyForm/MyContext.



 Which leads to problem 2. The RequestSecurityManagerImpl method
 checkForInsecureRequest(String) creates a page render link using the
 page but then throws an exception java.lang.RuntimeException: Context
 values (which are added to the request URL) may not be null or blank.



 I guess this is because the onPassivate() method for the containing page
 is called and by now it's properties are null since we are in a new
 request...



 What is the correct way to get around this? Shouldn't the form just
 submit to https anyway since it is on an https page? And why does
 createPageRenderLink cause the exception to be thrown, do I have to mark
 ALL fields that are used in onPassivate as @Persist? And what happens to
 the forms context?



 Any answers to any of the above would be greatly appreciated.



 Cheers

 Russell





-- 
Howard M. Lewis Ship

Creator Apache Tapestry and Apache HiveMind

-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]