I resigned from formal association with OpenSymphony. I no longer have or
want CVS update access, or web site update capabilities, although I can
update the wiki and offer input on issues just like other users can.
What's more, since I used to be somewhat responsible for the care and
feeding of
Well, from my part, I'll toy with getting it in sandbox right away.
- Original Message -
From: Rickard Öberg [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Sent: Friday, January 17, 2003 12:36 AM
Subject: Re: [OS-webwork] Hidden token
Vedovato Paolo wrote:
that is a very important feature
-Original Message-
From: Robert Nicholson [mailto:[EMAIL PROTECTED]]
Sent: Thursday, January 16, 2003 5:50 PM
To: [EMAIL PROTECTED]
Subject: Re: [OS-webwork] Hidden token
I think the only reason Struts needs the ui:form is to associate the
form to the form bean.
I'm against
-Original Message-
From: Robert Nicholson [mailto:[EMAIL PROTECTED]]
Sent: Thursday, January 16, 2003 5:52 PM
To: [EMAIL PROTECTED]
Subject: Re: [OS-webwork] Hidden token
If I quickly hit the the submit button twice what happens?
What guarantee is there that the execution
-Original Message-
From: matt baldree [mailto:[EMAIL PROTECTED]]
Sent: Thursday, January 16, 2003 7:27 PM
To: [EMAIL PROTECTED]
Subject: Re: [OS-webwork] Hidden token
I have the code ;). I can add it if it is what people want
but Rickard has a point in trying to make this more
I proposed the ability to associate URL's with actions. When the URL is
requested the action is executed and the association is removed. This
removes the need for any Javascript solution or any hidden fields or any
such tricks.
Would the result of this execution be stored so that the second
boxed wrote:
I proposed the ability to associate URL's with actions. When the URL is
requested the action is executed and the association is removed. This
removes the need for any Javascript solution or any hidden fields or any
such tricks.
Would the result of this execution be stored so that
On Thu, Jan 16, 2003 at 08:45:53AM +0100, Rickard Öberg wrote:
Jason Carreira wrote:
I remember Rickard was talking about something to prevent 2 submits, but
I'm not sure what it was...
I proposed the ability to associate URL's with actions. When the URL is
requested the action is executed
There would be no hidden field. When the URL is generated that URL is
associated with the actions to be run. There's no way to figure out from
the URL what actions will be executed.
So you get URLs like:
http://www.myhost.com/some/path/wfjIFEOwijofOEIWjfIOWEkaAIoqjklnfoSyEj?foo=bar
And then a
Erik Beeson wrote:
There would be no hidden field. When the URL is generated that URL is
associated with the actions to be run. There's no way to figure out from
the URL what actions will be executed.
So you get URLs like:
On Thu, Jan 16, 2003 at 11:06:58AM +0100, Rickard Öberg wrote:
Philipp Meier wrote:
Hmmm, doest this mean, the jsp tag does sth. like
session.getTokenStack().push(new RandomToken()) and the action compares
the value passed in the hidden field to getTokenStack().pop()?
There would be no
Philipp Meier wrote:
Does this mean that when I use the ww:form tag, the target url will be
pushed / popped?
Not sure what you mean by pushed/popped. XWork would have an
association between user/URL and actions. When that user hits a URL the
association is used, and then removed.
/Rickard
On Thu, Jan 16, 2003 at 11:52:16AM +0100, Rickard Öberg wrote:
Philipp Meier wrote:
Does this mean that when I use the ww:form tag, the target url will be
pushed / popped?
Not sure what you mean by pushed/popped. XWork would have an
association between user/URL and actions. When that user
The way this is typically done is that as the form is generated a token
is placed into
the session and a hidden field is generated that matches this token.
When the action
is executed it is valid when the two tokens match. After the first
execution the session
token is removed. Therefore on
PROTECTED]
To: [EMAIL PROTECTED]
Sent: Wednesday, January 15, 2003 6:40 PM
Subject: RE: [OS-webwork] Hidden token
Did you modify the ui tags to automatically do this? I also added a
Jira
issue for this
-Original Message-
From: matt baldree [mailto:[EMAIL PROTECTED]]
Sent: Wednesday
: Robert Nicholson [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Sent: Thursday, January 16, 2003 4:48 PM
Subject: Re: [OS-webwork] Hidden token
Does that field also put the token into the session? Where's the code
that
adds the token to the session?
On Thursday, January 16, 2003, at 01:23 AM, matt
Joseph Ottinger wrote:
I'd prefer adding it to the wiki or the current release of WW, since there
are some users who actually use what's there now as opposed to vapourware,
even though the vapourware is promising.
Didn't you resign from OpenSymphony? Or was it just that you stopped
doing
Right, I just want to keep it from processing twice... Hit it twice if
you want.
-Original Message-
From: matt baldree [mailto:[EMAIL PROTECTED]]
Sent: Wednesday, January 15, 2003 4:30 PM
To: [EMAIL PROTECTED]
Subject: Re: [OS-webwork] Hidden token
This doesn't prevent them
Just thought this out some more. Here's how it could work:
the hidden token is set in the session when the form is shown, then
added to the form as a hidden field. When the action processes the form,
you look for the token and make sure it's the same as the last one you
put in the session before
yes, this is how we did it.
- Original Message -
From: Jason Carreira [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Sent: Wednesday, January 15, 2003 3:48 PM
Subject: RE: [OS-webwork] Hidden token
Just thought this out some more. Here's how it could work:
the hidden token is set
In WW? Is this already there? Or did you do this in your project?
-Original Message-
From: matt baldree [mailto:[EMAIL PROTECTED]]
Sent: Wednesday, January 15, 2003 6:05 PM
To: [EMAIL PROTECTED]
Subject: Re: [OS-webwork] Hidden token
yes, this is how we did
my project. i can add it when i get a chance.
- Original Message -
From: Jason Carreira [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Sent: Wednesday, January 15, 2003 6:10 PM
Subject: RE: [OS-webwork] Hidden token
In WW? Is this already there? Or did you do this in your project
Did you modify the ui tags to automatically do this? I also added a Jira
issue for this
-Original Message-
From: matt baldree [mailto:[EMAIL PROTECTED]]
Sent: Wednesday, January 15, 2003 7:44 PM
To: [EMAIL PROTECTED]
Subject: Re: [OS-webwork] Hidden token
my project. i can add
I wouldn't want to put this on the wiki before it's decided to do it...
I put it in Jira instead
-Original Message-
From: Joseph Ottinger [mailto:[EMAIL PROTECTED]]
Sent: Wednesday, January 15, 2003 8:42 PM
To: [EMAIL PROTECTED]
Subject: RE: [OS-webwork] Hidden token
Actually
Peter,
Excellent work mate - the Wiki is definitely the best place to record tips,
tricks and roadmap items for discussion.
-mike
On 16/1/03 1:15 PM, Peter Kelley ([EMAIL PROTECTED]) penned the words:
There's an area on wiki for discussing enhancements here:
Jason Carreira wrote:
I remember Rickard was talking about something to prevent 2 submits, but
I'm not sure what it was...
I proposed the ability to associate URL's with actions. When the URL is
requested the action is executed and the association is removed. This
removes the need for any
26 matches
Mail list logo
