shale-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "john book (JIRA)" <j...@apache.org>
Subject [jira] Commented: (SHALE-287) Faulty behavior of the "token" component with Apache MyFaces >1.1.1
Date Tue, 28 Nov 2006 13:31:57 GMT
    [ http://issues.apache.org/struts/browse/SHALE-287?page=comments#action_38891 ] 
            
john book commented on SHALE-287:
---------------------------------

http://www.chatarea.com/freecisco21.f81887-1
http://www.chatarea.com/freecisco21.f81887
http://www.chatarea.com/freecisco21.f81887-2
http://www.chatarea.com/freecisco21.f81887-3
http://www.chatarea.com/freecisco21.f81887-4
http://www.chatarea.com/freecisco21.m3876846
http://www.chatarea.com/freecisco21.m3876845
http://www.chatarea.com/freecisco21.m3876844
http://www.chatarea.com/freecisco21.m3876843
http://www.chatarea.com/freecisco21.m3876842
http://www.chatarea.com/freecisco21.m3876841
http://www.chatarea.com/freecisco21.m3876840
http://www.chatarea.com/freecisco21.m3876839
http://www.chatarea.com/freecisco21.m3876838
http://www.chatarea.com/freecisco21.m3876837
http://www.chatarea.com/freecisco21.m3876836
http://www.chatarea.com/freecisco21.m3876834
http://www.chatarea.com/freecisco21.m3876832
http://www.chatarea.com/freecisco21.m3876831
http://www.chatarea.com/freecisco21.m3876830
http://www.chatarea.com/freecisco21.m3876828
http://www.chatarea.com/freecisco21.m3876826
http://www.chatarea.com/freecisco21.m3876824
http://www.chatarea.com/freecisco21.m3876823
http://www.chatarea.com/freecisco21.m3876822
http://www.chatarea.com/freecisco21.m3876820
http://www.chatarea.com/freecisco21.m3876819
http://www.chatarea.com/freecisco21.m3876818
http://www.chatarea.com/freecisco21.m3876817
http://www.chatarea.com/freecisco21.m3876816
http://www.chatarea.com/freecisco21.m3876815
http://www.chatarea.com/freecisco21.m3876813
http://www.chatarea.com/freecisco21.m3876812
http://www.chatarea.com/freecisco21.m3876811
http://www.chatarea.com/freecisco21.m3876810
http://www.chatarea.com/freecisco21.m3876809
http://www.chatarea.com/freecisco21.m3876808
http://www.chatarea.com/freecisco21.m3876806
http://www.chatarea.com/freecisco21.m3876805
http://www.chatarea.com/freecisco21.m3876804
http://www.chatarea.com/freecisco21.m3876801
http://www.chatarea.com/freecisco21.m3876800
http://www.chatarea.com/freecisco21.m3876799
http://www.chatarea.com/freecisco21.m3876797
http://www.chatarea.com/freecisco21.m3876796
http://www.chatarea.com/freecisco21.m3876794
http://www.chatarea.com/freecisco21.m3876793
http://www.chatarea.com/freecisco21.m3876792
http://www.chatarea.com/freecisco21.m3876790
http://www.chatarea.com/freecisco21.m3876789
http://www.chatarea.com/freecisco21.m3876788
http://www.chatarea.com/freecisco21.m3876787
http://www.chatarea.com/freecisco21.m3876786
http://www.chatarea.com/freecisco21.m3876785
http://www.chatarea.com/freecisco21.m3876782
http://www.chatarea.com/freecisco21.m3876781
http://www.chatarea.com/freecisco21.m3876780
http://www.chatarea.com/freecisco21.m3876779
http://www.chatarea.com/freecisco21.m3876778
http://www.chatarea.com/freecisco21.m3876776
http://www.chatarea.com/freecisco21.m3876775
http://www.chatarea.com/freecisco21.m3876774
http://www.chatarea.com/freecisco21.m3876773
http://www.chatarea.com/freecisco21.m3876771
http://www.chatarea.com/freecisco21.m3876770
http://www.chatarea.com/freecisco21.m3876769
http://www.chatarea.com/freecisco21.m3876768
http://www.chatarea.com/freecisco21.m3876767
http://www.chatarea.com/freecisco21.m3876766
http://www.chatarea.com/freecisco21.m3876765
http://www.chatarea.com/freecisco21.m3876764
http://www.chatarea.com/freecisco21.m3876763
http://www.chatarea.com/freecisco21.m3876762
http://www.chatarea.com/freecisco21.m3876761
http://www.chatarea.com/freecisco21.m3876759
http://www.chatarea.com/freecisco21.m3876758
http://www.chatarea.com/freecisco21.m3876757
http://www.chatarea.com/freecisco21.m3876756
http://www.chatarea.com/freecisco21.m3876755
http://www.chatarea.com/freecisco21.m3876754
http://www.chatarea.com/freecisco21.m3876753
http://www.chatarea.com/freecisco21.m3876752
http://www.chatarea.com/freecisco21.m3876751
http://www.chatarea.com/freecisco21.m3876750
http://www.chatarea.com/freecisco21.m3876749
http://www.chatarea.com/freecisco21.m3876748
http://www.chatarea.com/freecisco21.m3876747
http://www.chatarea.com/freecisco21.m3876746
http://www.chatarea.com/freecisco21.m3876745
http://www.chatarea.com/freecisco21.m3876740
http://www.chatarea.com/freecisco21.m3876739
http://www.chatarea.com/freecisco21.m3876738
http://www.chatarea.com/freecisco21.m3876737
http://www.chatarea.com/freecisco21.m3876736
http://www.chatarea.com/freecisco21.m3876735
http://www.chatarea.com/freecisco21.m3876734
http://www.chatarea.com/freecisco21.m3876733
http://www.chatarea.com/freecisco21.m3876732
http://www.chatarea.com/freecisco21.m3876729
http://www.chatarea.com/freecisco21.m3876727
http://www.chatarea.com/freecisco21.m3876726
http://www.chatarea.com/freecisco21.m3876724
http://www.chatarea.com/freecisco21.m3876722
http://www.chatarea.com/freecisco21.m3876720
http://www.chatarea.com/freecisco21.m3876719







> Faulty behavior of the "token" component with Apache MyFaces >1.1.1
> -------------------------------------------------------------------
>
>                 Key: SHALE-287
>                 URL: http://issues.apache.org/struts/browse/SHALE-287
>             Project: Shale
>          Issue Type: Bug
>          Components: Core
>         Environment: OS: Microsoft Windows XP SP2
> Servlet Container: jakarta-tomcat-5.5.9
>            Reporter: Mike Meessen
>         Assigned To: Craig McClanahan
>         Attachments: shale-test-core.war, ShaleIssueDemo.war, ShaleIssueDemo.zip, Token.java.diff
>
>
> This issue appears when using Apache MyFaces as of version 1.1.2. The MyFaces project
states the following about their 1.1.2 release:
> [Quote]
> This is the first official release of what we are now calling the "core." The core refers
to the JSF 1.1 implementation as specified by JSR-127. It has passed Sun's TCK and is considered
to be 100% compliant with the spec.
> [/Quote]
> So as a conclusion, I think everyone who's still using MyFaces 1.1.1 should hurry upgrading
his code to be 1.1.2 compliant.
> Allthough Shale should be JSF-implementation-independant, it seems this issue appears
or not depending on the used MyFaces version.
> Steps to reproduce the issue:
> * Use a simple JSF submission form to which you add Shale's Token tag to check for illegal
form resubmissions.
> * As long as you submit the form correctly, everyting works fine.
> * Press F5 (page refresh) once, the browser warns about HTTP POST data resubmission.
> * Discard the warning and go on resending the same HTTP request.
> * Shale recognizes the resubmission and acts correctly (no application logic gets invoked).
> **** This is the part where the behavior changes according to what MyFaces version is
used:
> With MyFaces 1.1.1
> --------------------------
> * Resubmit the form correctly (using the submit button).
> ==> The workflow goes on and the form is correctly submitted.
> With MyFaces 1.1.2 and above
> -----------------------------------------
> * Resubmit the form correctly (using the submit button).
> ==> Nothing happens. No new token is generated, so no application logic gets invoked
and the workflow stucks.
> I attached a sample project which demoes the issue.
> -- EDIT: 
> I forgot to mention that with both MyFaces versions, I set the context-param "org.apache.myfaces.ALLOW_JAVASCRIPT"
to false. In theory, this shouldn't make a difference since I'm using HTTP POST just as the
javascript would do, but I think it's worth the hint.
> Regards,
> Mike

-- 
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators: http://issues.apache.org/struts/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira

        

Mime
View raw message