Thanks. I haven't read that one yet, but I'll be sure to check it out.
[EMAIL PROTECTED] wrote:
You might like this book, I did: http://www.manning.com/ford/
-Dennis
draegoon Z [EMAIL PROTECTED]
04/13/2006 10:13 AM
Please respond to
Struts Users Mailing List user@struts.apache.org
To
Thanks Wendy.
In a glance, it looks like something I can put to good use.
I will attempt to integrate it into my webapp.
Wendy Smoak wrote:
On 4/24/06, draegoon Z [EMAIL PROTECTED] wrote:
Does anyone know where I can find one of those image code generators
that verifies that a person
If I understand you correctly, that is a CSS question, not struts.
Set the 'overflow' property to 'hidden' or 'visible' on the div
containing your inserted content.
-Joe
Mohsin I. Hakak wrote:
How to hide scrollbars from jsp's displayed using struts in case they
appear??
What if you use a DispatchAction and one path.
Either way you will need to check a parameter (or something)
to ensure the proper route
-Joe
Ilja S. wrote:
Hello
This could be silly question but I'm kind stuck here.
I have 2 ActionMappings in struts config with following paths:
one JSP for those
mappings and submit form in this jsp to corresponding mapping.
Joseph McGranaghan wrote:
What if you use a DispatchAction and one path.
Either way you will need to check a parameter (or something)
to ensure the proper route
-Joe
Ilja S. wrote:
Hello
This could be silly
Hello everyone,
I need a good forum solution to integrate with strut1 (action).
Anyone got a favorite to share?
Thanks,
Joe
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
Are you allowing the user to redisplay any entered HTML ala myspace?
I'm working on a solution for this right now. For this situation, I'm
filtering it in action before it is saved to DB.
Here are some REs and a simple function:
private final static String XSS_BIG_OBJECTS_FILTER =
I'm currently working on this problem for a website I'm building.
I found this:
on(?:(?:mo(?:use(?:o(?:ver|ut)|down|move|up)|ve)|key(?:press|dow +
n|up)|c(?:hange|lick)|s(?:elec|ubmi)t|(?:un)?load|dragdrop|resize|focus| +
Sorry, just noticed a problem in that events filter.
(;|) in the end should be just
in case multiple statements.
It's a work in progress :)
-Joe
Joseph McGranaghan wrote:
I'm currently working on this problem for a website I'm building.
I found this:
on(?:(?:mo(?:use(?:o
anything to worry about.
Basically the whole discussion is useless, its sufficent to encode
and properly :-)
Leon.
-Original Message-
From: Joseph McGranaghan [mailto:[EMAIL PROTECTED]
Sent: Thursday, March 15, 2007 4:46 PM
To: Struts Users Mailing List
Subject: Re: Cross site scripting
class, easy to maintain.
I guess I just don't see an argument for filtering it on the way out.
What if you miss something?
-Joe
Christopher Schultz wrote:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Joseph,
Joseph McGranaghan wrote:
I [hear that worrying about XSS is not worth
Ok, I'm going to pay attention to the problem, the XSS filter:
I am using a 'blacklist', because my users need to enter as much X\HTML
as I can possibly allow them.
So, tags I'm originally NOT allowing are:
applet script embed object server frame iframe frameset
html body
I'm removing all
Thanks for the feedback Chris.
Christopher Schultz wrote:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Joe,
Joseph McGranaghan wrote:
So, tags I'm originally NOT allowing are:
applet script embed object server frame iframe frameset
html body
Okay.
If you're going to do
Hey guys, I'm gonna start this as an [OT] as a courtesy.
Found a scenario where filtering the output won't do, I think.
I'm doing an all ajax webapp.
I send an internal mail message to a users inbox,
the same as a user-to-user would.
Embedded in the message is this:
div style=margin: 0px
Down below...
Laurie Harper wrote:
Christopher Schultz wrote:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Joe,
Joseph McGranaghan wrote:
So, tags I'm originally NOT allowing are:
applet script embed object server frame iframe frameset
html body
Okay.
If you're going to do this:
I'm
What good html editors or rich text editors
are successfully being used in html forms for textarea
submissions.
I'm looking at FCKeditor and the dojo rich text editor.
What experiences have you guys had with these and others.
-Joe
.
Regards,
Andrew Stepanenko,
http://unf.tane.edu.ua
On 11/22/06, Joseph McGranaghan [EMAIL PROTECTED] wrote:
What good html editors or rich text editors
are successfully being used in html forms for textarea
submissions.
I'm looking at FCKeditor and the dojo rich text editor.
What experiences have you
Stupid question I'm sure, but how do you have a tiles-def
that inserts an action? I'm getting stream closed exceptions in tomcat
5.0.28
I need to do this:
definition name=main page=/main.jsp
put name=top value=/first.jsp /
put name=bottom value=/my_action_url.do /
yourself a Command and add it into the chain.
Joseph McGranaghan wrote:
Sorry, but I just can't get a clear understanding of a solution
for Struts 1.3.5 and SSL. I've always used sslext to ensure my
pages are secured.
So now if I want to use the new ComposableRequestProcessor,
how can I implement
/11/06, Joseph McGranaghan [EMAIL PROTECTED] wrote:
- Do I start with the default ComposableRequestProcessor?
- Do I gut the org.apache.struts.action.SecureTilesRequestProcessor and
add it to commands
- Do I need to alter the underlying struts chain-config, override it, or
just add commands
Thanks Naill, you're the man! :-)
I'll reply my results to the list.
-Joe
Niall Pemberton wrote:
On 12/10/06, Joseph McGranaghan [EMAIL PROTECTED] wrote:
Sorry, but I just can't get a clear understanding of a solution
for Struts 1.3.5 and SSL. I've always used sslext to ensure my
pages
Yep, everything seems to work fine besides other upgrade issues.
Thanks again.
Joseph McGranaghan wrote:
Thanks Naill, you're the man! :-)
I'll reply my results to the list.
-Joe
Niall Pemberton wrote:
On 12/10/06, Joseph McGranaghan [EMAIL PROTECTED] wrote:
Sorry, but I just can't get
This should be simple, but for the life of me I can't get find the answer.
All I want to do is have a chain execute and then go to an action forward
Right now it goes through the chain and outputs a blank web page with no
source code at all.
struts-config:
action
Solved my problem:
ActionContext ac = (ActionContext)context;
ac.setForwardConfig(new ActionForward(/myaction.do));
If anyone has a cleaner, non-hardcoded my, I'm all ears!
Thanks,
Joe
Joseph McGranaghan wrote:
This should be simple, but for the life of me I can't get find
Yes, that works perfectly!
A whole lot cleaner too.
Now people will find this in the archives.
Thanks,
Joe
Niall Pemberton wrote:
On 12/19/06, Joseph McGranaghan [EMAIL PROTECTED] wrote:
Solved my problem:
ActionContext ac = (ActionContext)context;
ac.setForwardConfig(new ActionForward
I'm trying to use an ajaxArea for the main portion of my site.
Inside it I have control panel of several tiles.
One of the tiles contains a displayTag that I want ajaxified
unto it's own self, not the whole main ajaxArea.
Matter of fact, I can't even get it to work right with the enclosed
No it's from the AjaxTags project.
I tried to post to JWP mailing list but got bounce for some reason,
hence the [OT]
I use struts 1.3.5 though, not s2
Musachy Barroso wrote:
I don't think ajax:area is an S2 tag. Is that form another ajax
library?
regards
musachy
Joseph McGranaghan wrote
is evaluated, sent back to the page, and displayed inside the
ajax:area.
musachy
Joseph McGranaghan wrote:
I'm trying to use an ajaxArea for the main portion of my site.
Inside it I have control panel of several tiles.
One of the tiles contains a displayTag that I want ajaxified
unto it's own self
Why not 1.3.5 with chains and stuff.
I just successfully upgraded from 1.2.9 with minor headaches.
I also use sslext and many other things.
-Joe
Jim Reynolds wrote:
Are there major differences between 1.24 and 1.29? I am having lots of
validation problems, and problems with the SSLExt in the
work well with Spring 2.0, but it's not the
officially supported version.
bruno
-Original Message-
From: Joseph McGranaghan [mailto:[EMAIL PROTECTED]
Sent: Friday, December 22, 2006 8:26 AM
To: Struts Users Mailing List
Subject: Re: Version Question Pre 2.0
Why not 1.3.5 with chains
30 matches
Mail list logo