hi for client side validations to get enabled some document says that we
have to add validate=true to s:form tag of the jsp but we are not using
struts tags in jsp so is there a way to enable client side validations even
when not using struts tags in jsp?
Thanks in advance.
*Thanks and
please help me out? if not possible we will find alternatives.
*Thanks and Regards,*
Muralidhar Yaragalla.
*
*
On Thu, Sep 26, 2013 at 3:43 PM, Yaragalla Muralidhar
yaragallamur...@gmail.com wrote:
hi for client side validations to get enabled some document says that we
have to add
Hi,
Since XHR request can not be cross-domain, you can not get a CSRF through
XHR( the browser will not allow other page to send a XHR to your server).
The only option would be a normal post against your supposed-ajax URL. In
order to protect against it, we check for an HTTP header that is sent
Any possibilities?
*Thanks and Regards,*
Muralidhar Yaragalla.
*
*
On Thu, Sep 26, 2013 at 5:23 PM, Yaragalla Muralidhar
yaragallamur...@gmail.com wrote:
please help me out? if not possible we will find alternatives.
*Thanks and Regards,*
Muralidhar Yaragalla.
*
*
On Thu, Sep 26,
I think you have to find somthing else. The client side validation code is
created by the struts tags. I don't think there is a way to get the client
side validation code without the tags.
Regards, Pascal
On Thursday 26 September 2013 18:54:55 Yaragalla Muralidhar wrote:
Any possibilities?
Thank you. it helps a lot. We will find alternatives.
*Thanks and Regards,*
Muralidhar Yaragalla.
*
*
On Thu, Sep 26, 2013 at 7:16 PM, Per Pascal Grube
cyber...@flightmare.netwrote:
I think you have to find somthing else. The client side validation code is
created by the struts tags. I don't
Alireza, use some sort of pre-authenticated token. Ignore requests that
have a bad token.
On Thu, Sep 26, 2013 at 7:43 AM, JOSE L MARTINEZ-AVIAL jlm...@gmail.comwrote:
Hi,
Since XHR request can not be cross-domain, you can not get a CSRF through
XHR( the browser will not allow other page
To Mitigate add a nonce to the form
https://www.owasp.org/index.php/Cross-Site_Request_Forgery_(CSRF)
Saludos
Martin-
Date: Thu, 26 Sep 2013 08:43:12 -0400
Subject: Re: Prevent Ajax Multi-Request in Struts 2
From: jlm...@gmail.com
To: user@struts.apache.org; afatt...@yahoo.com
Hi,
You can try out Client AJAX Validation.
This is described here for DOJO Plugin:
https://cwiki.apache.org/confluence/display/WW/AJAX+Validation
And here for the jQuery Plugin:
http://code.google.com/p/struts2-jquery/wiki/Validation
Of course you can also implement this logic without any of this
9 matches
Mail list logo