Prince Manchanda wrote:We implemented OWASP's CSRFGuard to protect our pages in the web application. For example */myCsrfProtected.jsp. We have injected CSRF token at all occurrences of */myCsrfProtected.jsp within the application. Everything works fine.
However, we have other use case where the link to this protected page is sent out to users in an email. Think about a link to a report. Now when user clicks on this link, the token is missing or invalid and hence the CSRFGuard filter blocks the request assuming this to be a CSRF attack. (this is what filter has been implemented for :-) )
Is there any way to handle this use case and allow access to CSRF protected page from outside the application.
Arun Giridhar wrote:I have no friends in my life (live alone), the only friend i have is javaranch (aka ranchers) and i don't know many things ..... I was developing Technical skills (Many people were much better then me technically).
Tiya Khambadkone wrote:I want to write a java code that will
1. go a path (eg: C:/dev/myxmls)
2. pick one by one all files (all are having *.xml extension) from 'myxmls' folder
3. print that file name on console (System.out.printly(filename))
We would much rather see you post your own code, working or not, and give you tips to help you get it working or point you toward resources that will help you to learn how to solve your problem using best practices.
Brian Wheeler wrote:
Tim McGuire wrote:
Brian Wheeler wrote:Hey Everyone,
I got my client side validation to work using this example provided here RichFaces Client Side Validation
Notice, that there is no validation errors until you type and click out of that input form. Not a use case I want.
I'm trying to validate the input forms during an on submit action. Similar to to example provided here. rich:message demo
Using the above example source code, the problem I'm having is when I click the submit button nothing happens. No validation error and no submit action. Am I missing something? Can someone experienced with what I'm trying to do give me some feedback?
Thanks in Advance.
To be clear, you want validation to happen when you click submit button? I can't give feedback unless I see the code you use. Can you post the code that you are using?
Hey Tim,
Yes, I would like it to validate on the client side on submit, if validation pass submit form. Currently, it validates when you type text and move focus outside the form. I think this is default behavior. Here's the code snippet.
xhtml
bean
Brian Wheeler wrote:Hey Everyone,
I got my client side validation to work using this example provided here RichFaces Client Side Validation
Notice, that there is no validation errors until you type and click out of that input form. Not a use case I want.
I'm trying to validate the input forms during an on submit action. Similar to to example provided here. rich:message demo
Using the above example source code, the problem I'm having is when I click the submit button nothing happens. No validation error and no submit action. Am I missing something? Can someone experienced with what I'm trying to do give me some feedback?
Thanks in Advance.
Santhi Muthusamy wrote:Hi,
I have sample.war deployed and running in tomcat. I have some contents added to webapps/sample/data. When i redeploy(auto) any new war i do not want to overwrite this folder (data). is it possible with tomcat?
mark I thomas wrote:I already tested my code (by the way it was not from any google..). But I didn't feel 100% sure if I can overwrite an existing timeinMillion so I don't know if there is any potential problem -- and that's why I posted the question.
Tim's response started with "Not really..." puzzled me because I didn't know what that "not really.." menas so I was interested in hearing more from that part but unfortunately I didn't get any insight from him.
I thought when someone said "not really..." he must have something interesting in his mind and that's what I expected to hear and discuss with that person.
Tim's second email even confused me more --- It seems he was asking me "If you think there is no problem then why bother asking ?" Well, Most people believe they write the correct code but people still do code review in team, your peers may identify some potential issue that you don't see -- That's exactly why I posted that question.
I think I am very cool.