You are viewing a plain text version of this content. The canonical link for it is here.
Posted to user@struts.apache.org by Andy Sykes <a....@ucl.ac.uk> on 2009/04/30 21:47:56 UTC
OGNL & DisplayTag = inappropriate expressions
Hi all,
Is there a way to prevent OGNL from analysing GET parameters as
expressions?
Reason for asking:
DisplayTag generates URLs like this: action?d-49653-p=2
I'm getting tons of errors in the log, where it looks like OGNL is
trying to evaluate this as: (d minus 49653 minus p). Naturally, this
makes it throw ognl.InappropriateExpressionException any time a user
loads a page with a DisplayTag table in it, which is incredibly
annoying.
Thoughts?
Andy.
---------------------------------------------------------------------
To unsubscribe, e-mail: user-unsubscribe@struts.apache.org
For additional commands, e-mail: user-help@struts.apache.org
Re: OGNL & DisplayTag = inappropriate expressions
Posted by Andy Sykes <a....@ucl.ac.uk>.
Ah, of course. I forgot about that.
Thanks. Next time I'll remember to search the list first..
A.
On 30 Apr 2009, at 21:10, Musachy Barroso wrote:
> The parameters interceptor has an attribute (excludeParams), that can
> take a list of regular expressions. Any param whose name matches on of
> the regex, will be ignored. We should make a FAQ out of this question.
>
> musachy
>
> On Thu, Apr 30, 2009 at 3:47 PM, Andy Sykes <a....@ucl.ac.uk> wrote:
>> Hi all,
>>
>> Is there a way to prevent OGNL from analysing GET parameters as
>> expressions?
>>
>> Reason for asking:
>>
>> DisplayTag generates URLs like this: action?d-49653-p=2
>>
>> I'm getting tons of errors in the log, where it looks like OGNL is
>> trying to
>> evaluate this as: (d minus 49653 minus p). Naturally, this makes it
>> throw
>> ognl.InappropriateExpressionException any time a user loads a page
>> with a
>> DisplayTag table in it, which is incredibly annoying.
>>
>> Thoughts?
>>
>> Andy.
>>
>> ---------------------------------------------------------------------
>> To unsubscribe, e-mail: user-unsubscribe@struts.apache.org
>> For additional commands, e-mail: user-help@struts.apache.org
>>
>>
>
>
>
> --
> "Hey you! Would you help me to carry the stone?" Pink Floyd
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: user-unsubscribe@struts.apache.org
> For additional commands, e-mail: user-help@struts.apache.org
>
---------------------------------------------------------------------
To unsubscribe, e-mail: user-unsubscribe@struts.apache.org
For additional commands, e-mail: user-help@struts.apache.org
RE: OGNL in HTML tags
Posted by Jon Pearson <Jo...@sixnet.com>.
> > Dave Newton wrote:
> > > <tr class="<s:property value="%{getStatus(deviceID)}"/>">
> >
> > Minor addendum:
> >
> > IMO when iterating over a collection of model objects a
> status lookup
> > like this would be a matter of querying the device, rather than
> > providing a lookup based on the device ID.
> >
> > If device statuses need to be mapped to CSS classnames I'd pass the
> > device itself to a utility translation method rather than
> forcing the
> > translator to look up the device.
> >
> > This moves the generation of view-level data out of the
> device model,
> > eliminates the need to look up a device that already exists as a
> > model, and provides a measure of type safety (Java's OOP,
> after all).
> >
> > The utility class could be used as shown, or in a JSP-based custom
> > tag, which can significantly clean up the view layer
> depending on your
> > requirements and/or implementation.
> >
> > Dave
>
> I would like to do that, but if I have a Device object on the
> top of the value stack (or perhaps somewhere near the top),
> how would I grab that and pass it to the function? I just
> tried this and it didn't work:
>
> <tr class="<s:property value="%{getStatus([0])}" />">
>
> (after modifying the function to take a Device instead of an
> ID number).
Nevermind, I figured it out:
<s:iterator value="devices" var="dev">
<tr class="<s:property value="%{getStatus(#dev)}" />">
...
</tr>
</s:iterator>
Thanks for your suggestion!
~Jonathan
---------------------------------------------------------------------
To unsubscribe, e-mail: user-unsubscribe@struts.apache.org
For additional commands, e-mail: user-help@struts.apache.org
RE: OGNL in HTML tags
Posted by Jon Pearson <Jo...@sixnet.com>.
> Dave Newton wrote:
> > <tr class="<s:property value="%{getStatus(deviceID)}"/>">
>
> Minor addendum:
>
> IMO when iterating over a collection of model objects a
> status lookup like this would be a matter of querying the
> device, rather than providing a lookup based on the device ID.
>
> If device statuses need to be mapped to CSS classnames I'd
> pass the device itself to a utility translation method rather
> than forcing the translator to look up the device.
>
> This moves the generation of view-level data out of the
> device model, eliminates the need to look up a device that
> already exists as a model, and provides a measure of type
> safety (Java's OOP, after all).
>
> The utility class could be used as shown, or in a JSP-based
> custom tag, which can significantly clean up the view layer
> depending on your requirements and/or implementation.
>
> Dave
I would like to do that, but if I have a Device object on the top of the
value stack (or perhaps somewhere near the top), how would I grab that
and pass it to the function? I just tried this and it didn't work:
<tr class="<s:property value="%{getStatus([0])}" />">
(after modifying the function to take a Device instead of an ID number).
---------------------------------------------------------------------
To unsubscribe, e-mail: user-unsubscribe@struts.apache.org
For additional commands, e-mail: user-help@struts.apache.org
Re: OGNL in HTML tags
Posted by Dave Newton <ne...@yahoo.com>.
Dave Newton wrote:
> <tr class="<s:property value="%{getStatus(deviceID)}"/>">
Minor addendum:
IMO when iterating over a collection of model objects a status lookup
like this would be a matter of querying the device, rather than
providing a lookup based on the device ID.
If device statuses need to be mapped to CSS classnames I'd pass the
device itself to a utility translation method rather than forcing the
translator to look up the device.
This moves the generation of view-level data out of the device model,
eliminates the need to look up a device that already exists as a model,
and provides a measure of type safety (Java's OOP, after all).
The utility class could be used as shown, or in a JSP-based custom tag,
which can significantly clean up the view layer depending on your
requirements and/or implementation.
Dave
---------------------------------------------------------------------
To unsubscribe, e-mail: user-unsubscribe@struts.apache.org
For additional commands, e-mail: user-help@struts.apache.org
RE: OGNL in HTML tags
Posted by Jon Pearson <Jo...@sixnet.com>.
> > I'm trying to colorize table rows in a JSP based on the result of a
> > function call into the Action. Here's what I want to do:
> >
> > <tr class="%{getStatus(deviceID)}">
> > ...
> > </tr>
> >
> > And have the function "String getStatus(long deviceID) {
> ... }" look
> > up the status of a device and return a CSS class name (such as
> > 'normal', 'warning', or 'error').
> >
> > But OGNL doesn't execute in non-Struts2 tags... Is there a
> > straightforward way to do this? At the moment, I'm thinking
> I need to
> > implement my own tag library that will add a Struts2-like "tr" tag.
>
> <tr class="<s:property value="%{getStatus(deviceID)}"/>">
>
> Dave
Thanks, that worked.
---------------------------------------------------------------------
To unsubscribe, e-mail: user-unsubscribe@struts.apache.org
For additional commands, e-mail: user-help@struts.apache.org
Re: OGNL in HTML tags
Posted by Dave Newton <ne...@yahoo.com>.
Jon Pearson wrote:
> I'm trying to colorize table rows in a JSP based on the result of a
> function call into the Action. Here's what I want to do:
>
> <tr class="%{getStatus(deviceID)}">
> ...
> </tr>
>
> And have the function "String getStatus(long deviceID) { ... }" look up
> the status of a device and return a CSS class name (such as 'normal',
> 'warning', or 'error').
>
> But OGNL doesn't execute in non-Struts2 tags... Is there a
> straightforward way to do this? At the moment, I'm thinking I need to
> implement my own tag library that will add a Struts2-like "tr" tag.
<tr class="<s:property value="%{getStatus(deviceID)}"/>">
Dave
---------------------------------------------------------------------
To unsubscribe, e-mail: user-unsubscribe@struts.apache.org
For additional commands, e-mail: user-help@struts.apache.org
OGNL in HTML tags
Posted by Jon Pearson <Jo...@sixnet.com>.
I'm trying to colorize table rows in a JSP based on the result of a
function call into the Action. Here's what I want to do:
<tr class="%{getStatus(deviceID)}">
...
</tr>
And have the function "String getStatus(long deviceID) { ... }" look up
the status of a device and return a CSS class name (such as 'normal',
'warning', or 'error').
But OGNL doesn't execute in non-Struts2 tags... Is there a
straightforward way to do this? At the moment, I'm thinking I need to
implement my own tag library that will add a Struts2-like "tr" tag.
Thanks!
~Jonathan
---------------------------------------------------------------------
To unsubscribe, e-mail: user-unsubscribe@struts.apache.org
For additional commands, e-mail: user-help@struts.apache.org
Re: OGNL & DisplayTag = inappropriate expressions
Posted by Musachy Barroso <mu...@gmail.com>.
The parameters interceptor has an attribute (excludeParams), that can
take a list of regular expressions. Any param whose name matches on of
the regex, will be ignored. We should make a FAQ out of this question.
musachy
On Thu, Apr 30, 2009 at 3:47 PM, Andy Sykes <a....@ucl.ac.uk> wrote:
> Hi all,
>
> Is there a way to prevent OGNL from analysing GET parameters as expressions?
>
> Reason for asking:
>
> DisplayTag generates URLs like this: action?d-49653-p=2
>
> I'm getting tons of errors in the log, where it looks like OGNL is trying to
> evaluate this as: (d minus 49653 minus p). Naturally, this makes it throw
> ognl.InappropriateExpressionException any time a user loads a page with a
> DisplayTag table in it, which is incredibly annoying.
>
> Thoughts?
>
> Andy.
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: user-unsubscribe@struts.apache.org
> For additional commands, e-mail: user-help@struts.apache.org
>
>
--
"Hey you! Would you help me to carry the stone?" Pink Floyd
---------------------------------------------------------------------
To unsubscribe, e-mail: user-unsubscribe@struts.apache.org
For additional commands, e-mail: user-help@struts.apache.org