[
https://jira.codehaus.org/browse/CONTINUUM-2665?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=365595#comment-365595
]
Brent N Atkinson edited comment on CONTINUUM-2665 at 3/23/15 5:46 PM:
----------------------------------------------------------------------
After taking another look at this, I believe this is doing exactly what it was
configured to do. However, the exact semantics may not have been completely
understood when it was first implemented. What is happening:
{quote}
2) Click delete button for purge 1
Are you sure you want to delete Purge Configuration "<purge 1 description>" ?
{quote}
When this is submitted, the token generated for the form has never been used.
The request is executed as normal, which shows the confirmation page for the
parameters specified in the URL.
{quote}
3) Click cancel
4) Click delete button for purge 2
Error: Are you sure you want to delete Purge Configuration "<purge 1
description>" ? is displayed
{quote}
Since the cancel button uses history.back() to retrieve the configurations list
page, the user is shown the original page they visited rather than a newly
rendered one. The form includes the original tokens generated, which are now
stale since they have been used.
When the user clicks the delete button for purge configuration 2, struts2's
{{TokenSessionStoreInterceptor}} detects the stale token as invalid (line 111 -
struts version 2.3.20) then looks up the original invocation (line 135) and
replays it. This is why the page shows the result for the first submission. The
behavior is intended: yield the same result as the original submission, but
without re-executing the action.
was (Author: batkinson):
After taking another look at this, I believe this is doing exactly what it was
configured to do. However, the exact semantics may not have been completely
understood when it was first implemented. What is happening:
{quote}
2) Click delete button for purge 1
Are you sure you want to delete Purge Configuration "<purge 1 description>" ?
{quote}
When this is submitted, the token generated for the form has never been used.
The request is executed as normal, which shows the confirmation page for the
parameters specified in the URL.
{quote}
3) Click cancel
4) Click delete button for purge 2
Error: Are you sure you want to delete Purge Configuration "<purge 1
description>" ? is displayed
{quote}
Since the cancel button uses history.back() to retrieve the configurations list
page, the user is shown the original page they visited rather than a newly
rendered one. The form includes the original tokens generated, which are not
stale since they have been used.
When the user clicks the delete button for purge configuration 2, struts2's
{{TokenSessionStoreInterceptor}} detects the stale token as invalid (line 111 -
struts version 2.3.20) then looks up the original invocation (line 135) and
replays it. This is why the page shows the result for the first submission. The
behavior is intended: yield the same result as the original submission, but
without re-executing the action.
> Incorrect purge description is displayed in delete confirmation.
> ----------------------------------------------------------------
>
> Key: CONTINUUM-2665
> URL: https://jira.codehaus.org/browse/CONTINUUM-2665
> Project: Continuum
> Issue Type: Bug
> Components: Web - UI
> Affects Versions: 1.4.1
> Reporter: Greg Michael Meneses
> Assignee: Brent N Atkinson
> Priority: Minor
> Labels: triaged
>
> To replicate:
> 1) Create 2 purge configurations with distinct descriptions.
> 2) Click delete button for purge 1
> Are you sure you want to delete Purge Configuration "<purge 1 description>" ?
> 3) Click cancel
> 4) Click delete button for purge 2
> Error: Are you sure you want to delete Purge Configuration "<purge 1
> description>" ? is displayed
> Expected Result: Are you sure you want to delete Purge Configuration "<purge
> 2 description>" ? is displayed
--
This message was sent by Atlassian JIRA
(v6.1.6#6162)
