Win a copy of Murach's Python Programming this week in the Jython/Python forum!
  • Post Reply Bookmark Topic Watch Topic
  • New Topic

What is the best and secure way to pass data from servlet to JSP's?  RSS feed

 
Tom Shypulski
Greenhorn
Posts: 8
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
What is the best and secure way to pass data from servlet to JSP's?
Is it better to pass data attached to the end of a URL from a servlet to JSP? For example http\\:someurl\path\?object=data, and is there a limit when sending data this way. Or is is better to call funtions in the JSP to get the data from a servlet.

How about passing data via session object is ther a limit on size? is it secure?
 
Sebastian Janisch
Ranch Hand
Posts: 1183
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Your approach is totally wrong..

You send data to a JSP using a RequestDispatcher and pass the arguments to the Application, Session, Request or Page scope.

As this all happens on the server, there is no need to think about security issues.
 
Bear Bibeault
Author and ninkuma
Marshal
Posts: 65825
134
IntelliJ IDE Java jQuery Mac Mac OS X
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Indeed, how are you transitioning from your servlet to a JSP? If it's not with a forward, why not?

In any case, you'd most often "pass" the data from the servlet to the JSP by placing it on the request as a scoped variable (with setAttribute).

Under certain circumstances, you could use the session (when the data needs to live beyond the cycle of a single request).

The only time security becomes any sort of issue is when data leaves the server.
 
Tom Shypulski
Greenhorn
Posts: 8
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Ah, Yes! I see my error. I've mixed up the getParameter and getAttribute methods. and how they are used.
Very good thank you.
 
  • Post Reply Bookmark Topic Watch Topic
  • New Topic
Boost this thread!