how to enable client side validations?

2013-09-26 Thread Yaragalla Muralidhar
hi for client side validations to get enabled some document says that we have to add validate=true to s:form tag of the jsp but we are not using struts tags in jsp so is there a way to enable client side validations even when not using struts tags in jsp? Thanks in advance. *Thanks and

Re: how to enable client side validations?

2013-09-26 Thread Yaragalla Muralidhar
please help me out? if not possible we will find alternatives. *Thanks and Regards,* Muralidhar Yaragalla. * * On Thu, Sep 26, 2013 at 3:43 PM, Yaragalla Muralidhar yaragallamur...@gmail.com wrote: hi for client side validations to get enabled some document says that we have to add

Re: Prevent Ajax Multi-Request in Struts 2

2013-09-26 Thread JOSE L MARTINEZ-AVIAL
Hi, Since XHR request can not be cross-domain, you can not get a CSRF through XHR( the browser will not allow other page to send a XHR to your server). The only option would be a normal post against your supposed-ajax URL. In order to protect against it, we check for an HTTP header that is sent

Re: how to enable client side validations?

2013-09-26 Thread Yaragalla Muralidhar
Any possibilities? *Thanks and Regards,* Muralidhar Yaragalla. * * On Thu, Sep 26, 2013 at 5:23 PM, Yaragalla Muralidhar yaragallamur...@gmail.com wrote: please help me out? if not possible we will find alternatives. *Thanks and Regards,* Muralidhar Yaragalla. * * On Thu, Sep 26,

Re: how to enable client side validations?

2013-09-26 Thread Per Pascal Grube
I think you have to find somthing else. The client side validation code is created by the struts tags. I don't think there is a way to get the client side validation code without the tags. Regards, Pascal On Thursday 26 September 2013 18:54:55 Yaragalla Muralidhar wrote: Any possibilities?

Re: how to enable client side validations?

2013-09-26 Thread Yaragalla Muralidhar
Thank you. it helps a lot. We will find alternatives. *Thanks and Regards,* Muralidhar Yaragalla. * * On Thu, Sep 26, 2013 at 7:16 PM, Per Pascal Grube cyber...@flightmare.netwrote: I think you have to find somthing else. The client side validation code is created by the struts tags. I don't

Re: Prevent Ajax Multi-Request in Struts 2

2013-09-26 Thread Paul Benedict
Alireza, use some sort of pre-authenticated token. Ignore requests that have a bad token. On Thu, Sep 26, 2013 at 7:43 AM, JOSE L MARTINEZ-AVIAL jlm...@gmail.comwrote: Hi, Since XHR request can not be cross-domain, you can not get a CSRF through XHR( the browser will not allow other page

RE: Prevent Ajax Multi-Request in Struts 2

2013-09-26 Thread Martin Gainty
To Mitigate add a nonce to the form https://www.owasp.org/index.php/Cross-Site_Request_Forgery_(CSRF) Saludos Martin- Date: Thu, 26 Sep 2013 08:43:12 -0400 Subject: Re: Prevent Ajax Multi-Request in Struts 2 From: jlm...@gmail.com To: user@struts.apache.org; afatt...@yahoo.com Hi,

Re: how to enable client side validations?

2013-09-26 Thread Johannes Geppert
You can try out Client AJAX Validation. This is described here for DOJO Plugin: https://cwiki.apache.org/confluence/display/WW/AJAX+Validation And here for the jQuery Plugin: http://code.google.com/p/struts2-jquery/wiki/Validation Of course you can also implement this logic without any of this