Re: Wicket really dumb? Converting to amp; in password fields?

2007-12-21 Thread fattymelt



-- 
View this message in context: 
http://www.nabble.com/Wicket-really-dumb--Converting---to--amp--in-password-fields--tp14460118p14460165.html
Sent from the Wicket - User mailing list archive at Nabble.com.


-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]



Wicket really dumb? Converting to amp; in password fields?

2007-12-21 Thread fattymelt

I've been debugging a (hopefully) unrelated problem when I came across
this...

Someone submits passwrd as a password in my login form and the back-end
gets it as passwamp;amp;rd

Are you kidding me? Why would that be happening?
-- 
View this message in context: 
http://www.nabble.com/Wicket-really-dumb--Converting---to--amp--in-password-fields--tp14460118p14460118.html
Sent from the Wicket - User mailing list archive at Nabble.com.


-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]



Re: Wicket really dumb? Converting to amp; in password fields?

2007-12-21 Thread Sergey Podatelev
I love the way Wicket community handles such offences :).

-- 
sp


Re: Wicket really dumb? Converting to amp; in password fields?

2007-12-21 Thread Igor Vaynberg
what version of this dumb framework are you using?

-igor


On Dec 21, 2007 10:23 AM, fattymelt [EMAIL PROTECTED] wrote:

 I've been debugging a (hopefully) unrelated problem when I came across
 this...

 Someone submits passwrd as a password in my login form and the back-end
 gets it as passwamp;amp;rd

 Are you kidding me? Why would that be happening?
 --
 View this message in context: 
 http://www.nabble.com/Wicket-really-dumb--Converting---to--amp--in-password-fields--tp14460118p14460118.html
 Sent from the Wicket - User mailing list archive at Nabble.com.


 -
 To unsubscribe, e-mail: [EMAIL PROTECTED]
 For additional commands, e-mail: [EMAIL PROTECTED]



-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]



Re: Wicket really dumb? Converting to amp; in password fields?

2007-12-21 Thread Igor Vaynberg
pretty hard to misunderstand Wicket really dumb? :)

-igor


On Dec 21, 2007 10:49 AM, Francisco Diaz Trepat - gmail
[EMAIL PROTECTED] wrote:
 Misunderstandings happen eventually, but Wicket RULEZ, and its community
 too.

 :-)

 my2cents,
 f(t)

 On Dec 21, 2007 3:40 PM, Sergey Podatelev [EMAIL PROTECTED]
 wrote:


  I love the way Wicket community handles such offences :).
 
  --
  sp
 


-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]



Re: Wicket really dumb? Converting to amp; in password fields?

2007-12-21 Thread fattymelt

Wow. Sorry to have angered the masses. I didn't mean it was a dumb framework
overall, I meant that it seemed to be acting dumb in this particular
instance. At my place of business we call code dumb all the time when it
doesn't do what is typically expected. So, I certainly wasn't trying to
insult wicket as a project.

Anyway, I was surprised to see that wicket was automatically HTML escaping
my post parameters. This seemed very strange. I don't typically right bug
tickets until I get some sort of verification that it is a bug, and not
something I am missing (sometime I am dumb, too).

I'm using wicket 1.2.6, but this problem may be specific to the
wicket-auth-roles package which is also 1.2.6.

I changed the sign-in code that came with that package from

password.getModelObjectAsString()

to

password.getInput()

and all seems well now.



Matej Knopp-2 wrote:
 
 Wicket replaces  with amp; on any place in markup it produces.
 That's how markup document works.  is a beginning of entity and must
 be escaped. In your case the escaping seems to be done twice. That
 might mean a bug in wicket. In that case the proper thing would be
 creating a jira issue instead of calling the framework dumb. And I
 doubt anyone would bother to be kidding you.
 
 -Matej
 
 On Dec 21, 2007 7:23 PM, fattymelt [EMAIL PROTECTED] wrote:

 I've been debugging a (hopefully) unrelated problem when I came across
 this...

 Someone submits passwrd as a password in my login form and the
 back-end
 gets it as passwamp;amp;rd

 Are you kidding me? Why would that be happening?
 --
 View this message in context:
 http://www.nabble.com/Wicket-really-dumb--Converting---to--amp--in-password-fields--tp14460118p14460118.html
 Sent from the Wicket - User mailing list archive at Nabble.com.


 -
 To unsubscribe, e-mail: [EMAIL PROTECTED]
 For additional commands, e-mail: [EMAIL PROTECTED]


 
 -
 To unsubscribe, e-mail: [EMAIL PROTECTED]
 For additional commands, e-mail: [EMAIL PROTECTED]
 
 
 

-- 
View this message in context: 
http://www.nabble.com/Wicket-really-dumb--Converting---to--amp--in-password-fields--tp14460118p14460460.html
Sent from the Wicket - User mailing list archive at Nabble.com.


-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]



Re: Wicket really dumb? Converting to amp; in password fields?

2007-12-21 Thread Francisco Diaz Trepat - gmail
Misunderstandings happen eventually, but Wicket RULEZ, and its community
too.

:-)

my2cents,
f(t)

On Dec 21, 2007 3:40 PM, Sergey Podatelev [EMAIL PROTECTED]
wrote:

 I love the way Wicket community handles such offences :).

 --
 sp



Re: Wicket really dumb? Converting to amp; in password fields?

2007-12-21 Thread fattymelt

I'm using the wicket-auth-roles package. I see the code that returns the
password is

password.getModelObjectAsString()

perhaps that is mucking with it?



fattymelt wrote:
 
 I've been debugging a (hopefully) unrelated problem when I came across
 this...
 
 Someone submits passwrd as a password in my login form and the back-end
 gets it as passwamp;amp;rd
 
 Are you kidding me? Why would that be happening?
 

-- 
View this message in context: 
http://www.nabble.com/Wicket-really-dumb--Converting---to--amp--in-password-fields--tp14460118p14460170.html
Sent from the Wicket - User mailing list archive at Nabble.com.


-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]



Re: Wicket really dumb? Converting to amp; in password fields?

2007-12-21 Thread Per Newgro
Hmm, strange tone to get an answer for.

Cheers
Per

-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]



Re: Wicket really dumb? Converting to amp; in password fields?

2007-12-21 Thread Francisco Diaz Trepat - gmail
right



On Dec 21, 2007 3:36 PM, Per Newgro [EMAIL PROTECTED] wrote:

 Hmm, strange tone to get an answer for.

 Cheers
 Per

 -
 To unsubscribe, e-mail: [EMAIL PROTECTED]
 For additional commands, e-mail: [EMAIL PROTECTED]




Re: Wicket really dumb? Converting to amp; in password fields?

2007-12-21 Thread Francisco Diaz Trepat - gmail
Although I think you didn't angered the masses. We don't like to miss the
oportunity to support Wicket and its community of users and developers.

:-)

Any oportunity ;-)

f(t)

On Dec 21, 2007 3:54 PM, Igor Vaynberg [EMAIL PROTECTED] wrote:

 pretty hard to misunderstand Wicket really dumb? :)

 -igor


 On Dec 21, 2007 10:49 AM, Francisco Diaz Trepat - gmail
  [EMAIL PROTECTED] wrote:
  Misunderstandings happen eventually, but Wicket RULEZ, and its community
  too.
 
  :-)
 
  my2cents,
  f(t)
 
  On Dec 21, 2007 3:40 PM, Sergey Podatelev [EMAIL PROTECTED]
  wrote:
 
 
   I love the way Wicket community handles such offences :).
  
   --
   sp
  
 

  -
 To unsubscribe, e-mail: [EMAIL PROTECTED]
 For additional commands, e-mail: [EMAIL PROTECTED]