File APIs for Java Developers
Manipulate DOC, XLS, PPT, PDF and many others from your application.
http://aspose.com/file-tools
The moose likes JSP and the fly likes How to pass a Post parameter using a link? Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login
JavaRanch » Java Forums » Java » JSP
Bookmark "How to pass a Post parameter using a link?" Watch "How to pass a Post parameter using a link?" New topic
Author

How to pass a Post parameter using a link?

vishnu vyasan
Ranch Hand

Joined: May 27, 2008
Posts: 39
Hi Guys,

I have JSP page from which i am passing a value to another when the user clicks on the link.

.

Now this parameter is passed to another page as a HTTP GET parameter. How can i Send it as a POST Parameter?

I cant use the form and submit.

is there any other way to do it. Can we do it using ajax?

swapnl patil
Ranch Hand

Joined: Aug 13, 2007
Posts: 80
set this parameter in the request object & you will get the same in that JSP using request Object.
Ulf Dittmer
Marshal

Joined: Mar 22, 2005
Posts: 39547
    
  27
Where do you see the difference between a GET parameter and a POST parameter? Why can't you append the parameter to the URL?


Ping & DNS - updated with new look and Ping home screen widget
Bear Bibeault
Author and ninkuma
Marshal

Joined: Jan 10, 2002
Posts: 60053
    
  65

Cannot be done. You either need to use a form or Ajax to initiate a post.

[Asking smart questions] [Bear's FrontMan] [About Bear] [Books by Bear]
vishnu vyasan
Ranch Hand

Joined: May 27, 2008
Posts: 39
I can't append it to URL since that fails in security testing. The tools we use will capture the get parameters and replace them with some other values and try to extract data from database. Any suggestions ?

I will take a ajax based approach as Bear Bibeault suggested.

I got a solution based on jquery ajax using which i can initiate a POST request on link clicking.

Bear Bibeault
Author and ninkuma
Marshal

Joined: Jan 10, 2002
Posts: 60053
    
  65

A post is no more secure than a get.

You should be basing the choice of GET or POST based upon the nature of the request, not any bogus "security" supposedly provided by post.
Jeanne Boyarsky
internet detective
Marshal

Joined: May 26, 2003
Posts: 29241
    
139

Bear Bibeault wrote:A post is no more secure than a get.

From an application/sniffing point of view, I agree. I did hear of an interesting security difference: Get parameters are part of the URL and therefore show up in the web server access log. If something is only a little sensitive, they may not want it hanging out in the logs.


[Blog] [JavaRanch FAQ] [How To Ask Questions The Smart Way] [Book Promos]
Blogging on Certs: SCEA Part 1, Part 2 & 3, Core Spring 3, OCAJP, OCPJP beta, TOGAF part 1 and part 2
vishnu vyasan
Ranch Hand

Joined: May 27, 2008
Posts: 39
I know even Post parameters are Vulnerable to attacks. We do test application against Cross Site Scripting type of attacks where in such a scenario URL Get parameters will be modified in to scripts.

just an example

http://xyz.com/events_all_en.jsp?id=>'><ScRiPt%20%0a%0d>alert(123)%3B</ScRiPt>

which would give a alert to the user.

The POST would at-least prevent this.

if we want to give our application a max security possible we should implement SSL.
Bear Bibeault
Author and ninkuma
Marshal

Joined: Jan 10, 2002
Posts: 60053
    
  65

vishnu vyasan wrote:which would give a alert to the user.

Only if you don't follow best practices, such as carefully HTML-encoding all unsafe values upon display.

POST will not prevent this issue either.
Bear Bibeault
Author and ninkuma
Marshal

Joined: Jan 10, 2002
Posts: 60053
    
  65

vishnu vyasan wrote:if we want to give our application a max security possible we should implement SSL.

Without SSL, your application has no security.
 
I agree. Here's the link: http://aspose.com/file-tools
 
subject: How to pass a Post parameter using a link?
 
Similar Threads
parameter passing and display
Accessing HttpRequest Parameteres in ActionForm
Newbie: how to get parameter
URL rewriting and Struts how-to
'POST'ing parameters to another JSP