struts-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From (Duncan Harris)
Subject Re: Transaction Token check required before form populate
Date Thu, 01 Jan 1970 00:00:00 GMT

The other thing that seems to be an annoyance is that the
org.apache.struts.taglib.html.TOKEN parameter gets added for
all forms on the page if it is set. I don't want this to happen.
There appears to be no way to easily avoid this without overriding
and replicating the whole of the FormTag.doStartTag() method.

Example when I don't want this is I have a main form which is POSTed,
but an auxiliary navigational form (e.g. drop-down list and Go button)
which is a GET with a clean URL. However the URL is no longer very clean.

Duncan Harris
Hartford, Cheshire, U.K., Tel: 07968 060418
Looking for STRUTS contract work in the U.K. (Duncan Harris) wrote:

> I need my transaction token checking before my form is
> populated.
> Problem here is that I have indexed properties and the valid index range
> may be different at different times. When all is well, the form bean and
> the HTML form correspond, but if the user goes back and re-submits then
> they may not and I can get out of range exceptions.
> I thought I could use the transaction token to guard against this, but
> of course it needs doing before the action perform() method is called.
> I already have a servlet derived from ActionServlet so I thought I could
> do it here, but of course the token checking functions are not available
> from here because they are protected.
> So it seems I have to copy the token checking code.
> Is there a clean way to solve this?
> Or maybe STRUTS needs fixing? Should the token checking functions be 
> static and public?

To unsubscribe, e-mail:   <>
For additional commands, e-mail: <>

View raw message