> On 05.01.11 13:02, "Markus Joschko" <[email protected]> wrote: >>That's for the input side. I am also interested in the output >>verification. >>If I can't rely on my data having a certain format, I need to check >>every property before accessing it. > > I don't understand: if you do validate on input and/or use node types to > enforce a certain schema in your repository, why do you want to validate > it on output again?
Point taken. But, when I understand the documentation of the PostServlet correctly you have to explicitely add an operation parameter to trigger the extension. Can I also validate without relying on the client? Otherwise the data can get into the repository unvalidated if the parameter is forgotten or omitted. > For output, a servlet filter (we are talking about plain standard javax > servlet filters here!) would need to parse the html/response format > created by your JSPs, which is probably a bit too complex ;-) OK, I might have phrased that incorrectly. I wanted to know whether the filter knows enough about an incoming request and if the currentNode object is available to the filter. So the filter can validate and set request attributes which can further be processed by the template. Regards, Markus
