[
https://issues.apache.org/jira/browse/SLING-5824?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15364388#comment-15364388
]
Bertrand Delacretaz commented on SLING-5824:
--------------------------------------------
I don't like this as a generic mechanism - if a specific use case doesn't work
well with GET requests it should use POST.
Back in 2007 SLING-53 was similar, suggesting an {{X-Method-Override}} header
which looks slightly cleaner to me, but see the comments there about potential
(or perceived) security issues.
> Servlet Filter to do POST tunnelling to GET
> -------------------------------------------
>
> Key: SLING-5824
> URL: https://issues.apache.org/jira/browse/SLING-5824
> Project: Sling
> Issue Type: Improvement
> Components: Servlets
> Reporter: Christanto
>
> Sometimes there is a case where the request URL is very long. For example,
> during advanced search where there are many fields.
> To accommodate this, the request is tunneled through POST, such that the
> client do a POST request and then the server convert it to GET, so that the
> other code in the chain only knows about GET.
> So far the custom POST handler needs to be created specifically for this:
> {code}
> slingRequest.getRequestDispatcher(resource).forward(new
> HttpServletRequestWrapper(request) {
> @Override
> public String getMethod() {
> return "GET";
> }
> }, response);
> {code}
> Since this is generic and to avoid creating a custom POST handler every time
> for this, it makes sense to implement this in Sling using Servlet Filter. For
> example, a special parameter can be introduced for this purpose named
> "\_method\_". So the filter will check for this parameter and wrap the
> request accordingly (also remove the "\_method\_"). This is similar to
> "\_charset\_" parameter for encoding.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
