I'm using displaytag-1.0-b2 on a struts-1.1 based application. I found out that display tag appends request parameters to URL query strings.
This is a problem for an application I'm working on because I have a table (using displaytag) which is also a form, and it has a password column. The textfield of course displays asterisks, however, when I save the form (normal struts action, POST method), all those passwords are included in the request. After saving, I return to the current page of the list/table that was saved (business requirement). Then when I go to the next page of that list, all those passwords from the request (along with every request parameters) are appended to the URL. - this results in a very long URL which are not necessarily useful for displaytag - those passwords are appended in plain text to the URL - other information appended to the URL is stored on the browser history list, and this breaches the privacy issue (first name, last name, date of birth, etc) Any idea how to solve this problem? I'm wondering if there's a way to filter what parameters not to be included to displaytag URL. Basically we cannot change the way the application suppose to work, because the problems would not occur in the first place anyway if displaytag doesn't include every parameters from the request. Btw, I've tried searching the mail archive and can't find any solution. http://greetings.yahoo.com.au - Yahoo! Greetings Send your love online with Yahoo! Greetings - FREE! ------------------------------------------------------- The SF.Net email is sponsored by EclipseCon 2004 Premiere Conference on Open Tools Development and Integration See the breadth of Eclipse activity. February 3-5 in Anaheim, CA. http://www.eclipsecon.org/osdn _______________________________________________ displaytag-user mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/displaytag-user
