Re: [OS-webwork] Hidden token

Robert Nicholson Thu, 16 Jan 2003 15:00:17 -0800

Does that field also put the token into the session? Where's the code that
adds the token to the session?

On Thursday, January 16, 2003, at 01:23 AM, matt baldree wrote:

no just added a hidden input field. this really isn't a ui tag.

----- Original Message -----
From: "Jason Carreira" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Wednesday, January 15, 2003 6:40 PM
Subject: RE: [OS-webwork] Hidden token

Did you modify the ui tags to automatically do this? I also added a Jira
issue for this

-----Original Message-----
From: matt baldree [mailto:[EMAIL PROTECTED]]
Sent: Wednesday, January 15, 2003 7:44 PM
To: [EMAIL PROTECTED]
Subject: Re: [OS-webwork] Hidden token



my project. i can add it when i get a chance.

----- Original Message -----
From: "Jason Carreira" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Wednesday, January 15, 2003 6:10 PM
Subject: RE: [OS-webwork] Hidden token


In WW? Is this already there? Or did you do this in your project?

-----Original Message-----
From: matt baldree [mailto:[EMAIL PROTECTED]]
Sent: Wednesday, January 15, 2003 6:05 PM
To: [EMAIL PROTECTED]
Subject: Re: [OS-webwork] Hidden token

yes, this is how we did it.

----- Original Message -----
From: "Jason Carreira" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Wednesday, January 15, 2003 3:48 PM
Subject: RE: [OS-webwork] Hidden token

Just thought this out some more. Here's how it could work:

the hidden token is set in the session when the form is
shown, then added to the form as a hidden field. When the
action processes the form, you look for the token and make
sure it's the same as the last one you put in the session
before you process.

Jason

-----Original Message-----
From: Jason Carreira
Sent: Wednesday, January 15, 2003 4:04 PM
To: [EMAIL PROTECTED]
Subject: [OS-webwork] Hidden token

Hi all,

In our evaluation of Struts vs. Webwork, I was asked about the
ability to do hidden tokens on WW built forms and URLs. Struts
apparently, in their form and link tags, have the possibility of
(optionally) adding a hidden token (either as a hidden

form field,

or through URL rewriting), which can keep the user from clicking
twice and executing your action twice. I don't remember seeing
anything like this in WW, although my take is that this would be
easy enough to add to the URLTag. Also, is there a

ui:form tag? I'm

not sure what all got added.

I remember Rickard was talking about something to prevent

2 submits,

but I'm not sure what it was...

Thoughts? Would this be something good to add (given that

it would

be optional and not break anybodies existing code)?

Jason

--
Jason Carreira
Technical Architect, Notiva Corp.
phone: 585.240.2793
  fax: 585.272.8118
email: [EMAIL PROTECTED]
---
Notiva - optimizing trade relationships (tm)



-------------------------------------------------------
This SF.NET email is sponsored by: A Thawte Code Signing

Certificate

is essential in establishing user confidence by providing

assurance

of authenticity and code integrity. Download our Free Code
Signing guide:
http://ads.sourceforge.net/cgi-> bin/redirect.pl?thaw0028en


_______________________________________________
Opensymphony-webwork mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/opensymphony-webwork


-------------------------------------------------------
This SF.NET email is sponsored by: A Thawte Code Signing

Certificate

is essential in establishing user confidence by providing
assurance of
authenticity and code integrity. Download our Free Code

Signing guide:

http://ads.sourceforge.net/cgi-bin/redirect.pl?thaw0028en
_______________________________________________
Opensymphony-webwork mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/opensymphony-webwork




-------------------------------------------------------
This SF.NET email is sponsored by: A Thawte Code Signing

Certificate

is essential in establishing user confidence by providing
assurance of
authenticity and code integrity. Download our Free Code

Signing guide:

http://ads.sourceforge.net/cgi-bin/redirect.pl?thaw0028en
_______________________________________________
Opensymphony-webwork mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/opensymphony-webwork


-------------------------------------------------------
This SF.NET email is sponsored by: A Thawte Code Signing Certificate
is essential in establishing user confidence by providing
assurance of
authenticity and code integrity. Download our Free Code Signing guide:
http://ads.sourceforge.net/cgi-bin/redirect.pl?thaw0028en
_______________________________________________
Opensymphony-webwork mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/opensymphony-webwork





-------------------------------------------------------
This SF.NET email is sponsored by: A Thawte Code Signing Certificate
is essential in establishing user confidence by providing
assurance of
authenticity and code integrity. Download our Free Code Signing guide:
http://ads.sourceforge.net/cgi-bin/redirect.pl?thaw0028en
_______________________________________________
Opensymphony-webwork mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/opensymphony-webwork


-------------------------------------------------------
This SF.NET email is sponsored by: A Thawte Code Signing Certificate
is essential in establishing user confidence by providing assurance of
authenticity and code integrity. Download our Free Code Signing guide:
http://ads.sourceforge.net/cgi-bin/redirect.pl?thaw0028en
_______________________________________________
Opensymphony-webwork mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/opensymphony-webwork





-------------------------------------------------------
This SF.NET email is sponsored by: A Thawte Code Signing Certificate
is essential in establishing user confidence by providing assurance of
authenticity and code integrity. Download our Free Code Signing guide:
http://ads.sourceforge.net/cgi-bin/redirect.pl?thaw0028en
_______________________________________________
Opensymphony-webwork mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/opensymphony-webwork

-------------------------------------------------------
This SF.NET email is sponsored by: Thawte.com
Understand how to protect your customers personal information by implementing
SSL on your Apache Web Server. Click here to get our FREE Thawte Apache Guide: http://ads.sourceforge.net/cgi-bin/redirect.pl?thaw0029en
_______________________________________________
Opensymphony-webwork mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/opensymphony-webwork

Re: [OS-webwork] Hidden token

Reply via email to