hello, i had a quick look at it and i think matthias is right. @felix: there's a workaround to fix it (without patching an existing implementation). if you're interested, i'll provide it. however, you have to test it.
regards, gerhard 2008/9/18 Matthias Wessendorf <[EMAIL PROTECTED]> > Hi Felix, > > On Wed, Sep 17, 2008 at 8:03 AM, <[EMAIL PROTECTED]> wrote: > > > > Hi Simon, > > > > Just tried it and yes, it happens with a simple h:inputText instead of > > the tr:inputText, too. > > maybe you want to read this: > http://issues.apache.org/jira/browse/MYFACES-1467 > > -Matthias > > > > > Felix > > > > -----Original Message----- > > From: Simon Kitching [mailto:[EMAIL PROTECTED] > > Sent: Wednesday, September 17, 2008 4:41 PM > > To: MyFaces Discussion > > Subject: Re: wrong/missing validation behaviour - security problem. > > > > Does this happen if you use an h:inputText rather than a tr:inputText? > > > > > > > > > > > > -- > Matthias Wessendorf > > blog: http://matthiaswessendorf.wordpress.com/ > sessions: http://www.slideshare.net/mwessendorf > twitter: http://twitter.com/mwessendorf > -- http://www.irian.at Your JSF powerhouse - JSF Consulting, Development and Courses in English and German Professional Support for Apache MyFaces
