| Author |
Section 3.8 of "More Servlets and JSPs"
|
Ricardo Cortes
Ranch Hand
Joined: Jan 23, 2002
Posts: 140
|
|
I am in the middle of reading Marty Hall's "More Servlets and JSPs" and I have reached the end of Chapter 3 with the Travel agent example. In Listing 3.59, he has a big comment in the middle that says:
/** Since password is being sent, use POST only. However,
* the use of POST means that you cannot forward
* the request to a static HTML page, since the forwarded
* request uses the same request method as the original
* one, and static pages cannot handle POST. Solution:
* have the "static" page be a JSP file that contains
* HTML only. That's what accounts.jsp is. The other
* JSP files really need to be dynamically generated,
* since they make use of the customer data.
*/
Can someone please elucidate on this? I am not quite sure what he is talking about. Thanks.
|
Sun Certified J2EE Architect for the J2EE Platform (Part 1)<br />Sun Certified Web Component Developer for the J2EE Platform<br />Sun Certified Programmer for the Java 2 Platform
|
 |
Axel Janssen
Ranch Hand
Joined: Jan 08, 2001
Posts: 2164
|
|
Hi Ricardo,
I don't have this book, but here are my guesses:
- if you send the password with get, it will be urlencoded and visible in the adressline of the browser. http://www.mySite.com?password=mySupersecretPassword
(not a good idea for security reasons).
To process post-data you need some server side code (servlet, jsp) to read the content of the sended fields.
Get parameter-value pairs can be read out by javaScript (s.th. like window.location.href)
|
|
Ricardo Cortes
Ranch Hand
Joined: Jan 23, 2002
Posts: 140
|
|
|
Ah yes. This does help. Thanks!
|
|
 |
|
|
subject: Section 3.8 of "More Servlets and JSPs"
|
|
|
0
