Our application(based on Apache Wicket framework) actively uses Ajax in the form of AjaxButton, AjaxLinks etc. We want to encode the form data request in Base64 format before form submission and later decode it just after form submission. Basically, only the Base 64 encoded text will be a part of request data.
In other applications which uses javascript and java(struts framework), we have applied the encoding logic in javascript before document.form.submit and then on Java/server side , the decoding logic is applied.
Any idea how can we achieve the same in Apache wicket which follows Ajax form submission logic?
We tried AjaxCallListener but could not get hold of the request data. Hence, could not apply the encoding logic on the request
At the server side it should be easy to intercept the parameters' read by extending ServletWebRequest and overriding generatePostParameters() method.
Wicket uses jQuery to make the Ajax calls. But I see no way how to manipulate the data parameter before making the call.
Related
I'm developing a form with Symfony2 : several text inputs and one file input (for one picture). I have defined some asserts (maxLength, minLength...) in my entity in order to check the form (isValid).
My problem is : if the user puts bad data in text input (text too long or too short...), he still can submit the form, and error and printed but the user have to re-choose his picture.
As I think it's impossible to keep the picture in the form after bad validation, I should maybe check the form in client side (javascript), before submit.
So, is there an automatic way to do this (to forbidden submit until data are correct)? Can we get the assert minLength, maxLength value in twig ?
Thank you !
Ben.
You can use js validation before submitting the data, using some js form validation tools, but this way you need the replicate the validation logic from the server, so if validation rules changes, you need to modify on both server and client side. I recommend this method to reduce the traffic between client-server.
If you don't want this, use ajax form submitting (example here). You still validate the form using symfony, but the page won't refresh, so you won't lose the attached file. But this generates additional traffic to server, and you also need to implement error displaying using javascript.
I am new in Ajax . Want to use Ajax with Json . I am searching the tutorial for this and i find this.
I want to ask is i am in right direction ?
Is both things are same Ajax with Json and Ajax with dojo?
Not the same
Ajax is a technology that send request and accept data asynchronously(do not need to reload page).
You can use JSON or XML to send the data or just use the string.
When you do the Ajax request, any data type(like array, object, number..) except string will lost their data type and become string, so If you want to reserve their type, you must use data transmit format like JSON and XML.
Dojo just a library which have easier method for doing Ajax. You also can use jQuery, Angular,..Whatever even JavaScript native XMLHttpRequest.
I have a simple web application in which I make a call to a java servlet using ajax from a jsp page (via post). In the servlet I take data from the database and formulate a JSON and retreive in the jsp page . I then use eval function to parse the json and display the data in the division using the innerHTML property . Somehow, this approach seems to be vulnerable to xss attacks . Can someone provide some pointers on how XSS attck can be prevented in this use case?
This sounds like DOM Based XSS. There are a few ways of preventing DOM Based XSS. Either you have to html encode the data on the server or the client. HTML encoding data in the database should always be avoided because it changes the value of the data and will affect how the data is sorted, ect. XSS is an output problem so it should be solved by the code that is building the HTML, which in your case is JavaScript.
Newer browsers support JSON.parse().For older browsers use json2.js.
You should also properly encode the JSON so values cannot break out of quotes etc. Find a decent json encoder and use that on the server side.
I want to change the list of available values in a dropdown depending on the value selected in another dropdown and depending on values of certain fields in the model. I want to use JQuery to do this. The only hard part is checking the values in the model. I have been informed that I can do this using Ajax. Does anyone have any idea how I will approach doing this?
AJAX is indeed the technology your looking for. It is used to sent an asynchronous request from the client browser to the server.
jQuery has an ajax function that you can use to start such a request. In your controller you can have a regular method tagged with the [HttpPostAttribute] to respond to your AJAX request.
Most of the time you will return a JSON result from your Controller to your view. Think of JSON as something similar to XML but easier to work with from a browser. The browser will receive the JSON and can then parse the results to do something like showing a message or replacing some HTML in the browser.
Here you can find a nice example of how to use it all together.
I have a JSP page which has a form with an input text. When I submit, it goes to a servlet. The servlet processes and creates some objects and sets in request using request.setAttribute(). It then forwards to a page which has some custom JSP tags which use the objects set in servlet.
I want to replace this by Ajax. I have implemented it as follows:
First, the form is submitted through Ajax using POST, the objects which were set earlier using request.setAttribute() are converted to JSON string and sent as response. On success, there is another Ajax GET call to a JSP page which has my custom tags and the JSON string is passed as parameter. The response of this Ajax call is set inside a div.
But it are two Ajax requests. How can I make it a single Ajax request instead?
As per the comments, you just need to let the first request forward to the desired JSP instead of returning the JSON string which you in turn pass back to the JSP.
request.getRequestDispatcher("/WEB-INF/next.jsp?jsonstring=" + jsonstring).forward(request, response);