I have a few hidden input fields that, upon sending to the server, automagically appear in the address bar of the browser. Thus when sending the below form to my action:
It always copies my hidden input fields to my url:
Obviously seeing my hidden variables in the address bar makes my eyes bleed but I also want to avoid unnecessary redirects (I think that's what is happening?) and broadcasting this information via GET.
I've tried the following thus far, to no avail:
I have inherited the Stuts 1.3 application, and have tried using form beans as well, without success.
Could some kind soul put me out of my misery by either indicating where in the configuration I can change this functionality or just shoot me?
Don't be bothered about params showing in your URL. They are at worst a hint for a site attacker (which can be extracted most of the time anyway).
First of all GET URLs can be bookmarked so the client jumps in back w/o completing the form again.
Also GET method is less processing power hungry than the POST method, although you have a limitation imposed by the browser on how long the URL must be.
Finally you can do URL Rewrite to hide the params from showing in the address bar and stop bleeding about it :P
Tudor Andrei Raneti wrote:Also GET method is less processing power hungry than the POST method
Not in any meaningful way, though--I wouldn't bother listing that in my pros and cons when I was deciding which. Personally I tend to follow REST as much as possible (and convenient) when deciding between POST and GET. And in general, you don't really want to have destructive operations bookmarkable--too much chance for problems.
subject: Hidden text field values appear in the url/address bar