*sigh*
I confused the s:form method attribute and used it to specify the method to
call on the action, not the HTTP form submit method. Everything's working
now. Definitely not my brightest moment.
Thanks a bunch,
GB
Laurie Harper wrote:
>
> Guillaume Bilodeau wrote:
>> Hi guys,
>>
>> I'm using Struts 2.0.11 for a standard web application and using
>> annotations
>> all the way. I have the following action, with some fields and getters /
>> setters omitted for brevity:
>>
>> @ParentPackage("default")
>> @Results( {
>> @Result(name = "input", type = ServletDispatcherResult.class,
>> value =
>> "/views/users/changePassword.jsp"),
>> @Result(type = ServletActionRedirectResult.class, value =
>> "workbench",
>> params = {
>> "namespace", "/workbench", "parse", "true",
>> "actionMessageKey",
>> "${actionMessageKey}" }) })
>> @Validation
>> public class ChangePasswordAction extends ActionSupport {
>> @Override
>> @Validations(requiredStrings = {
>> @RequiredStringValidator(fieldName = "currentPassword",
>> message = "",
>> key
>> = "users.changePassword.currentPassword.invalid"),
>> @RequiredStringValidator(fieldName = "newPassword1",
>> message = "", key
>> =
>> "users.changePassword.newPassword.invalid"),
>> @RequiredStringValidator(fieldName = "newPassword2",
>> message = "", key
>> =
>> "users.changePassword.newPassword.invalid") }, expressions = {
>> @ExpressionValidator(expression = "newPassword1.equals(newPassword2)",
>> message = "", key = "users.changePassword.mismatch") })
>> public String execute() {
>> String result = Action.INPUT;
>>
>> try {
>> userService.changeUserPassword(getUser().getId(),
>> currentPassword,
>> newPassword1);
>> result = Action.SUCCESS;
>> }
>> catch (InvalidPasswordException e) {
>>
>> addActionError(getText("users.changePassword.currentPassword.invalid"));
>> }
>>
>> return result;
>> }
>> }
>>
>> The accompanying JSP, changePassword.jsp, contains a simple form with 3
>> fields (current, new, confirm new password) and a submit button.
>>
>> When leaving all form fields and submitting the form, the validation
>> interceptor correctly executes, correctly identifies all validation
>> errors
>> and correctly executes the input result. The rendered page correctly
>> shows
>> the correct form with all expected error messages next to the
>> corresponding
>> fields. Basically, the whole request handling works as expected.
>> However,
>> the browser's address bar now shows the following:
>>
>> http://localhost:8080/healthcheck/users/changePassword.go?currentPassword=&newPassword1=&newPassword2=&general.submit=Submit
>>
>> The URL contains all failed parameters with their values in clear text,
>> which is something I don't want. The behavior is the same when using an
>> empty result type for the input result.
>>
>> 1. Is there a way not to see these parameters in the final URL?
>> 2. I don't see why these parameters need to be added to the URL when they
>> are clearly accessible to the JSP using the value stack. Surely there
>> must
>> be a good reason to this?
>
>
> That's basic HTML/HTTP. You need to change your form to submit using the
> POST method instead of GET. See the 'method' attribute of s:form.
>
> L.
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: [EMAIL PROTECTED]
> For additional commands, e-mail: [EMAIL PROTECTED]
>
>
>
--
View this message in context:
http://www.nabble.com/Validation-result-URL-contains-failed-parameters-tp16624608p16633323.html
Sent from the Struts - User mailing list archive at Nabble.com.
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
