You are viewing a plain text version of this content. The canonical link for it is here.

Posted to commits@wicket.apache.org by "Nathan Hamblen (JIRA)" <ji...@apache.org> on 2008/02/09 22:15:07 UTC

[jira] Commented: (WICKET-1166) add sanity check on form submit for request method

    [ https://issues.apache.org/jira/browse/WICKET-1166?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12567366#action_12567366 ] 

Nathan Hamblen commented on WICKET-1166:
----------------------------------------

I don't know... I think ajax is a more immediate problem. The patch I uploaded throws the exception when a post form is submitted by ajax. So that's already a no-go, unless we're talking about adding some ajax detection to the logic.

Maybe the fix is just to alter the documentation surrounding Form's "method" property to say that it's a recommendation to the markup engine and doesn't guarantee or even influence how the form is processed.

> add sanity check on form submit for request method
> --------------------------------------------------
>
>                 Key: WICKET-1166
>                 URL: https://issues.apache.org/jira/browse/WICKET-1166
>             Project: Wicket
>          Issue Type: Improvement
>          Components: wicket
>    Affects Versions: 1.3.0-rc1
>         Environment: Safari 3
>            Reporter: Nathan Hamblen
>            Assignee: Ate Douma
>            Priority: Minor
>             Fix For: 1.3.2
>
>         Attachments: submit-method.patch
>
>
> When refreshing a frameset that includes an already POST submitted Wicket form in a frame, using the redirect to render strategy, Safari erroneously requests the form's original target by GET, rather than the location that was eventually redirected to. Therefore none of the form values are available in the request object and NPEs will occur trying to access them in places like AbstractConverter.java:55.
> Because Form allows for a particular request method to be specified, I think it should also confirm that the expected method was used instead of waiting for an NPE in validation. The outcome is the same, but the cause of the error (the client) would be more evident in server logs, etc. Patch to come...

-- 
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.