I know that HTTPServletRequest object have GetMethod() but how I will detect that it is not changed by Tamper data/Fidler/Watir.Please suggest me any other way. one more way, I googled is by using GetQueryString() method but lot of the places I have query paramater in my POST request.
Please let me know if you need any more details on the same.
dura cell wrote:Thanks for reply Richard.
I am framing my question "how can I detect that a client is sending me an unwarranted POST request?" I have to display some error on GUI.
I must be missing something ! Any POST request whether warranted or unwarranted will invoke the servlet doPost() method so in that method you decide whether or not the post was "warranted" . You have to provide the logic inside the doPost() method and if unwarranted forward the request to some error page.
Suppose I am the end user of the application I tracked the request through tamper data and changed method from POST to GET. How would I track at server side that it got changed from client side and my doPost() method should not respond it. Any generic way to track this?
dura cell wrote:Thanks for reply.
But its not just data. I want to check with Method type of submission (POST or GET)? User is changing the Method type from POST to GET.
I must still be missing something! If the doGet() method is invoked then the method type was a GET! If the doPost() method is invoked the method type was a POST! If a GET is expected and the user changes that to a POST then it will enter the doPost() method and not the doGet() method so you know that a change has been made. If a POST is expected and the user changes that to a GET then it will enter the doGet() method and not the doPost() method so you know that a change has been made.