You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@tapestry.apache.org by Jayaprakash Kannoth <pr...@ebizq.net> on 2005/02/25 21:29:49 UTC
Login Form example error!
I'm new to tapestry , trying out a example Login form from "tapesty in
action". This is the error I get
"Parameter listener (ognl.listeners.formSubmit) is an instance of
java.lang.String, which does not implement interface
org.apache.tapestry.IActionListener."
Where I'm going wrong ?
Thanks
prakash
-----Original Message-----
From: Howard Lewis Ship [mailto:hlship@gmail.com]
Sent: Thursday, February 24, 2005 6:04 PM
To: Tapestry users
Subject: Re: Form field scrubbing
If you don't use <@Insert raw="true"> than peoples mailicious uploaded
<script>malicious</script> will be rendered out as
<script>malicious</> ... is that the kind of thing you are
concerned about?
I suppose a IValidator could identify and/or scrub input as well.
On Thu, 24 Feb 2005 13:58:15 -0800, Jordan Redner <jr...@shopping.com>
wrote:
> Does anyone know of an elegant way to intercept form input fields for
> XSS (cross site scripting) attacks in a single place within a Tapestry
> application?
>
> So... if I have a simple method that does the String scrubbing for
> malicious characters, it would be nice put this in place for all
> String fields and be able to handle these cases with a single,
> handling implementation.
>
> Jordan
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: tapestry-user-unsubscribe@jakarta.apache.org
> For additional commands, e-mail: tapestry-user-help@jakarta.apache.org
>
>
--
Howard M. Lewis Ship
Independent J2EE / Open-Source Java Consultant
Creator, Jakarta Tapestry
Creator, Jakarta HiveMind
Professional Tapestry training, mentoring, support
and project work. http://howardlewisship.com
---------------------------------------------------------------------
To unsubscribe, e-mail: tapestry-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: tapestry-user-help@jakarta.apache.org
---------------------------------------------------------------------
To unsubscribe, e-mail: tapestry-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: tapestry-user-help@jakarta.apache.org
RE: Login Form example error!
Posted by "Jean C. Favila" <jf...@legosoft.com.mx>.
I'd need more information, but I think you have to change
<form jwcid="@Form" listener="ognl.listeners.formSubmit">
...
to:
<form jwcid="@Form" listener="ognl: listeners.formSubmit">
.
Regards
> -----Original Message-----
> From: Jayaprakash Kannoth [mailto:prakash@ebizq.net]
> Sent: Friday, February 25, 2005 2:30 PM
> To: Tapestry users; Howard Lewis Ship
> Subject: Login Form example error!
>
> I'm new to tapestry , trying out a example Login form from "tapesty in
> action". This is the error I get
>
> "Parameter listener (ognl.listeners.formSubmit) is an instance of
> java.lang.String, which does not implement interface
> org.apache.tapestry.IActionListener."
>
> Where I'm going wrong ?
>
> Thanks
> prakash
>
>
>
>
>
> -----Original Message-----
> From: Howard Lewis Ship [mailto:hlship@gmail.com]
> Sent: Thursday, February 24, 2005 6:04 PM
> To: Tapestry users
> Subject: Re: Form field scrubbing
>
>
> If you don't use <@Insert raw="true"> than peoples mailicious uploaded
> <script>malicious</script> will be rendered out as
> <script>malicious</> ... is that the kind of thing you are
> concerned about?
>
> I suppose a IValidator could identify and/or scrub input as well.
>
>
> On Thu, 24 Feb 2005 13:58:15 -0800, Jordan Redner <jr...@shopping.com>
> wrote:
> > Does anyone know of an elegant way to intercept form input fields for
> > XSS (cross site scripting) attacks in a single place within a Tapestry
>
> > application?
> >
> > So... if I have a simple method that does the String scrubbing for
> > malicious characters, it would be nice put this in place for all
> > String fields and be able to handle these cases with a single,
> > handling implementation.
> >
> > Jordan
> >
> > ---------------------------------------------------------------------
> > To unsubscribe, e-mail: tapestry-user-unsubscribe@jakarta.apache.org
> > For additional commands, e-mail: tapestry-user-help@jakarta.apache.org
> >
> >
>
>
> --
> Howard M. Lewis Ship
> Independent J2EE / Open-Source Java Consultant
> Creator, Jakarta Tapestry
> Creator, Jakarta HiveMind
>
> Professional Tapestry training, mentoring, support
> and project work. http://howardlewisship.com
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: tapestry-user-unsubscribe@jakarta.apache.org
> For additional commands, e-mail: tapestry-user-help@jakarta.apache.org
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: tapestry-user-unsubscribe@jakarta.apache.org
> For additional commands, e-mail: tapestry-user-help@jakarta.apache.org
>