Clever Geek Handbook

Servlet forward after validation and post-redirect-receive failure

One strategy for handling form validation submitted to a Java servlet is to forward back to the original JSP view when validation fails. This allows the user to see that validation failed in the context of the form just submitted (they may not have provided a value for the required field) and then they can try again. However, since this strategy does not follow the well-known Post-Redirect-Get pattern ( http://en.wikipedia.org/wiki/Post/Redirect/Get ), it suffers from the browser history now including a page without a bookmark. If the user later tries to access this page using the History / Back button, they will receive an expired document exception (at least in Firefox 19). How should this be handled? Is there a better way?

Note. The strategy I am describing is actually recommended on the servlet info page: ( stack overflow.site/tags/servlets / ... ). However, there is no mention of browser issues.

Note: This question is similar to: ( JSF PRG with validation error ). He suggests using AJAX for messages. If this is the recommended strategy, perhaps we need to update our servlet virtualization? Not exactly exactly how this would translate from JSF to servlets anyway.

+1


source to share


1 answer


As far as I can tell about switching to bounce checking, flawed and should not be used. Use one of these instead:



  • Keep validation error messages in session and redirect.

  • Use AJAX to Submit Forms

  • Eliminate all validation errors on the client using JavaScript and handle validation errors that hit the server as application errors, and assume that someone is submitting to the server directly without using the claim form, or there is an error in the claim form. If you go to an error page, you have the same problem, but the attackers deserve a hacked browser history. If the session is available, you can fill in the error message in the session and redirect. In any case, it removes the validation from the server in a "normal" operation and wraps up the problem a bit.

+1


source






More articles:


All Articles