Thank you for your reply. Well, yes, but it doesn't answer my question. I'm aware of this, but it specifies only the method the form uses. But when i call the targeted action directly e.g. from browser (and thus use GET method), the action will work as well. Thank you for your suggestions.
Mead Lai wrote: > > . How can i write an action, that only serves GET / > POST requests. > > <s:form method ='post'></s:form> > or > <s:form method ='get'></s:form> > > > On Tue, Oct 28, 2008 at 11:09 AM, esemba <[EMAIL PROTECTED]> wrote: > >> >> I've a simple question. How can i write an action, that only serves GET / >> POST requests. Lets suppose I've an actions that authenticates users. In >> action there are fields username and password, which i set from a form >> via >> post http method. The action works the same as I request URL like >> myAction.action?username=admin&password=blah (the GET way). It is >> definitely >> a security weakness and reminds me php directive register_globals (which >> treats post/get variables the same way and in newer versions is >> deprectated, >> or even not present). Even in servlets there are methods like doPost, >> doGet, >> doXXX, so you can distinguish servlet's behavior for different types of >> requests. I'm pretty sure this has already been solved here, but search >> for >> keywords like "get post method problem" didn't return any reasonable >> threads. >> >> Thank you for your suggestions. >> -- >> View this message in context: >> http://www.nabble.com/-S2--actions-responding-only-to-POST-GET-methods-tp20200721p20200721.html >> Sent from the Struts - User mailing list archive at Nabble.com. >> >> >> --------------------------------------------------------------------- >> To unsubscribe, e-mail: [EMAIL PROTECTED] >> For additional commands, e-mail: [EMAIL PROTECTED] >> >> > > > -- > BestRegards, > Mead > http://yayisoft.com > > Quentin Crisp - "If at first you don't succeed, failure may be your > style." > > -- View this message in context: http://www.nabble.com/-S2--actions-responding-only-to-POST-GET-methods-tp20200721p20200834.html Sent from the Struts - User mailing list archive at Nabble.com. --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
