I have developed an web app using Spring MVC and jQuery ajax. At time I'm having problem with my ajax call; it's not hitting the specified request mapping but at times it hits it without any problem. I don't know where the problem lies.
Related
I have a Spring MVC application where interceptors are added and it is working fine.
Example:
For https://example.com/some.action is been intercepted and serve.action is been served
I have recently seen request https://example.com/.;/some.action is serving serve.action but not passing through interceptor.
Please help me understand what happens when '/.;/' is passed and why interception doesn't work in that case.
I have to create 2 projects. Web Service and one is Web project.
I created the web service using Rest in spring boot and web project using dynamic web project using Jsp and servlets.
Now I have to consume the web service in web project. How can I do ?
You can do AJAX call from your JSP side to your REST server side using Javascript. You can also use library like JQuery or axios (there MDN versions since you are using JSP) to send REST API calls to your same or any other server. You can follow https://stackoverflow.com/a/44859872/8684299 this answer.
I am creating an application which has a front end developped using Angular, and a backend developped using SpringBoot.
The problem is that the backend has controllers with request mappings and models (services and repositories) and no views , so does it really implement the MVC pattern?
I have read in this article " Spring MVC or Spring Boot" that spring MVC which itslef implements the MVC pattern is a part of spring boot, so basically spring boot is MVC, which is true when you have views and HTML pages in your project, but in my case i can't talk about views since i am sending and recieving JSON data from a restful API.
According to https://www.wikiwand.com/en/Model%E2%80%93view%E2%80%93controller
view means presentation of the model in a particular format.
I think it is good definition. Particular format in case of backend for REST API happen to be JSON or XML.
From the same page
Some web MVC frameworks take a thin client approach that places almost
the entire model, view and controller logic on the server. In this
approach, the client sends either hyperlink requests or form
submissions to the controller and then receives a complete and updated
web page (or other document) from the view; the model exists entirely
on the server.
In your case the View would be the front-end. The View is the presentation of the data in a human understandable way.
So I believe the View in your case would be the front-end app.
I have enabled CSRF in my Spring + Thymeleaf application. The good thing is that Thymeleaf automatically takes care of adding CSRF to every < form > in html. The problem is that Ajax calls submitting those forms are now failing and I want to know if there is a standard solution to this.
The other issue on the other hand is that my application is going to support Restful APIs. When I am enabling CSRF in my application, the authentication from client using API fails.
So the question is that is there a way to enable CSRF for web browsing and disable it for my Restful API?
On the other hand disabling the CSRF makes restful APIs vulnerable to attacks if the attacker knows about them. So what is the best practice here?
Thanks
For First Scenario to submit form using ajax call you need to manually add hidden input generated by csrf in form.
For second case you can exclude some url from interceptor in your case you can exclude url from CSRF interceptor.
exclude tag is present in spring 3.2
<mvc:interceptor>
<mvc:exclude-mapping path="/your_url"/>
</mvc:interceptors>
Currently we have on the server side a spring mvc application.
We need to change the client part and we checking GWT.
Is there a way from the gwt code to call a spring controller?
You can call your Spring controllers by submitting forms. This is the difference between the two architectures: GWT uses javascript on the client side to do the job, and communicates with the server only to grab the necessary data (and send the minimal data), Spring MVC requires an http request on each click, and rebuilds the whole page.
You can keep the Spring MVC logic of submitting a form with the data when the user finishes his job with the page (in GWT it's a module). And have GWT commodities to handle the UI in js until the job is finished (client side validation, interactive experience).
You can submit a "traditional" form in GWT easily. Then your MVC logic will point the user to another "GWT module": (you can see this in action when you switch between Contacts and Mail in Gmail)
To have an idea on what can be done without the server interaction, take a look at this lib where I guarantee you everything is client side (since it's my lib :) ) here: https://code.google.com/p/advanced-suggest-select-box/