*sigh* I confused the s:form method attribute and used it to specify the method to call on the action, not the HTTP form submit method. Everything's working now. Definitely not my brightest moment.
Thanks a bunch, GB Laurie Harper wrote: > > Guillaume Bilodeau wrote: >> Hi guys, >> >> I'm using Struts 2.0.11 for a standard web application and using >> annotations >> all the way. I have the following action, with some fields and getters / >> setters omitted for brevity: >> >> @ParentPackage("default") >> @Results( { >> @Result(name = "input", type = ServletDispatcherResult.class, >> value = >> "/views/users/changePassword.jsp"), >> @Result(type = ServletActionRedirectResult.class, value = >> "workbench", >> params = { >> "namespace", "/workbench", "parse", "true", >> "actionMessageKey", >> "${actionMessageKey}" }) }) >> @Validation >> public class ChangePasswordAction extends ActionSupport { >> @Override >> @Validations(requiredStrings = { >> @RequiredStringValidator(fieldName = "currentPassword", >> message = "", >> key >> = "users.changePassword.currentPassword.invalid"), >> @RequiredStringValidator(fieldName = "newPassword1", >> message = "", key >> = >> "users.changePassword.newPassword.invalid"), >> @RequiredStringValidator(fieldName = "newPassword2", >> message = "", key >> = >> "users.changePassword.newPassword.invalid") }, expressions = { >> @ExpressionValidator(expression = "newPassword1.equals(newPassword2)", >> message = "", key = "users.changePassword.mismatch") }) >> public String execute() { >> String result = Action.INPUT; >> >> try { >> userService.changeUserPassword(getUser().getId(), >> currentPassword, >> newPassword1); >> result = Action.SUCCESS; >> } >> catch (InvalidPasswordException e) { >> >> addActionError(getText("users.changePassword.currentPassword.invalid")); >> } >> >> return result; >> } >> } >> >> The accompanying JSP, changePassword.jsp, contains a simple form with 3 >> fields (current, new, confirm new password) and a submit button. >> >> When leaving all form fields and submitting the form, the validation >> interceptor correctly executes, correctly identifies all validation >> errors >> and correctly executes the input result. The rendered page correctly >> shows >> the correct form with all expected error messages next to the >> corresponding >> fields. Basically, the whole request handling works as expected. >> However, >> the browser's address bar now shows the following: >> >> http://localhost:8080/healthcheck/users/changePassword.go?currentPassword=&newPassword1=&newPassword2=&general.submit=Submit >> >> The URL contains all failed parameters with their values in clear text, >> which is something I don't want. The behavior is the same when using an >> empty result type for the input result. >> >> 1. Is there a way not to see these parameters in the final URL? >> 2. I don't see why these parameters need to be added to the URL when they >> are clearly accessible to the JSP using the value stack. Surely there >> must >> be a good reason to this? > > > That's basic HTML/HTTP. You need to change your form to submit using the > POST method instead of GET. See the 'method' attribute of s:form. > > L. > > > --------------------------------------------------------------------- > To unsubscribe, e-mail: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] > > > -- View this message in context: http://www.nabble.com/Validation-result-URL-contains-failed-parameters-tp16624608p16633323.html Sent from the Struts - User mailing list archive at Nabble.com. --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]