I notice that if you submit a form after the session has timed out, Wicket (1.5.4) seems to add the submitted params to the URL of the redirect, resulting in something like:
http://localhost:8080/?0&username=username&form1_hf_0&password=SECRET Is this a bug? If not, is there any workaround for this behavior? I also tried StatelessForm without luck. PS: this is easy to reproduce by tweaking web.xml with: <session-config> <session-timeout>1</session-timeout> </session-config> -- View this message in context: http://apache-wicket.1842946.n4.nabble.com/form-params-appear-in-URL-if-submitted-after-session-timeout-tp4463992p4463992.html Sent from the Users forum mailing list archive at Nabble.com. --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
