[jira] Commented: (ROL-1788) a GET of http://blogname.co.uk/roller-ui/admin/globalConfig!save.rol disables all checkbox options on the screen.

Mon, 16 Feb 2009 14:17:37 -0800 

    [ 
https://issues.apache.org/roller/browse/ROL-1788?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14531#action_14531
 ] 

David Johnson commented on ROL-1788:
------------------------------------

For most of Roller's forms, inadvertently invoking GET will fail because the 
information passed on the URL alone is not enough to pass validation. For the 
global config and global comment management cases this is not true.

I have a fix in my workspace that adds makes those two actions implement 
ServletRequestAware" so that they can check to ensure that 
"POST".equals(httpMethod) before allow a save().

If nobody objects, I'll commit this fix to the trunk.

> a GET of http://blogname.co.uk/roller-ui/admin/globalConfig!save.rol disables 
> all checkbox options on the screen.
> -----------------------------------------------------------------------------------------------------------------
>
>                 Key: ROL-1788
>                 URL: https://issues.apache.org/roller/browse/ROL-1788
>             Project: Roller
>          Issue Type: Bug
>          Components: Configuration & Settings
>    Affects Versions: 4.0.1
>         Environment: OS X Leopard
>            Reporter: Dick Davies
>            Assignee: Roller Unassigned
>
> I was logged into the admin app and had just changed some settings, so
> my location bar looked like
>  http://blogname.co.uk/roller-ui/admin/globalConfig!save.rol
> If I select that URL and hit enter (forcing a reload of that page),
> all the checkboxes on
> that view are deselected - disabling every associated option. You
> don't need to hit save,
> the changes are applied immediately (guessing because of the !save.rol
> at the end?).
> Found this out by bookmarking what I thought was the admin screen.
> This broke Planet, our comment moderation, custom themes, user registration 
> etc.
> Would it be possible for either:
> a) the action to require a POST or
> b) the checkboxes to keep their existing settings if nothing is provided in 
> the request.

-- 
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.

Reply via email to