[seam-commits] Seam SVN: r10281 - in trunk: ui/src/main/java/org/jboss/seam/ui/component and 1 other directories.
seam-commits at lists.jboss.org
seam-commits at lists.jboss.org
Fri Apr 3 00:18:49 EDT 2009
Author: dan.j.allen
Date: 2009-04-03 00:18:49 -0400 (Fri, 03 Apr 2009)
New Revision: 10281
Modified:
trunk/doc/Seam_Reference_Guide/en-US/Controls.xml
trunk/ui/src/main/java/org/jboss/seam/ui/component/UIToken.java
trunk/ui/src/main/java/org/jboss/seam/ui/renderkit/TokenRendererBase.java
Log:
add allowMultiplePosts attribute
Modified: trunk/doc/Seam_Reference_Guide/en-US/Controls.xml
===================================================================
--- trunk/doc/Seam_Reference_Guide/en-US/Controls.xml 2009-04-03 03:22:11 UTC (rev 10280)
+++ trunk/doc/Seam_Reference_Guide/en-US/Controls.xml 2009-04-03 04:18:49 UTC (rev 10281)
@@ -881,7 +881,19 @@
that a JavaScript check should be inserted into the page
to verify that cookies are enabled in the browser. If
cookies are not enabled, present a notice to the user that
- form posts will not work.
+ form posts will not work. (default: false)
+ </para>
+ </listitem>
+ <listitem>
+ <para>
+ <literal>allowMultiplePosts</literal> — indicates
+ whether to allow the same form to be submitted multiple
+ times with the same signature (as long as the view does
+ not change). This is a common need if the form is perform
+ Ajax calls but not rerendering itself or, at the very
+ least, the UIToken component. The preferred approach is to
+ have the UIToken component rerendered on any Ajax call
+ where the UIToken component would be processed.
(default: false)
</para>
</listitem>
Modified: trunk/ui/src/main/java/org/jboss/seam/ui/component/UIToken.java
===================================================================
--- trunk/ui/src/main/java/org/jboss/seam/ui/component/UIToken.java 2009-04-03 03:22:11 UTC (rev 10280)
+++ trunk/ui/src/main/java/org/jboss/seam/ui/component/UIToken.java 2009-04-03 04:18:49 UTC (rev 10281)
@@ -72,7 +72,7 @@
* Indicates whether the session id should be included in the form signature,
* hence binding the token to the session. This value can be set to false
* if the "build before restore" mode of Facelets is activated (the
- * default in JSF 2.0).
+ * default in JSF 2.0). The default value is false.
*/
public abstract boolean isRequireSession();
@@ -82,11 +82,24 @@
* Indicates whether a JavaScript check should be inserted into the page to
* verify that cookies are enabled in the browser. If cookies are not
* enabled, present a notice to the user that form posts will not work.
+ * The default value is false.
*/
public abstract boolean isEnableCookieNotice();
public abstract void setEnableCookieNotice(boolean state);
+
+ /**
+ * Indicates whether to allow the same form to be submitted multiple times
+ * with the same signature (as long as the view does not change). This is a
+ * common need if the form is perform Ajax calls but not rerendering itself
+ * or, at the very least, the UIToken component. The preferred approach is to
+ * have the UIToken component rerendered on any Ajax call where the UIToken
+ * component would be processed. The default value is false.
+ */
+ public abstract boolean isAllowMultiplePosts();
+ public abstract void setAllowMultiplePosts(boolean allow);
+
/**
* Return the selector that controls the unique browser identifier cookie.
*/
Modified: trunk/ui/src/main/java/org/jboss/seam/ui/renderkit/TokenRendererBase.java
===================================================================
--- trunk/ui/src/main/java/org/jboss/seam/ui/renderkit/TokenRendererBase.java 2009-04-03 03:22:11 UTC (rev 10280)
+++ trunk/ui/src/main/java/org/jboss/seam/ui/renderkit/TokenRendererBase.java 2009-04-03 04:18:49 UTC (rev 10281)
@@ -89,7 +89,7 @@
throw new UnauthorizedCommandException(viewId, "No form signature provided");
}
- if (!requestedViewSig.equals(generateViewSignature(context, form, token.isRequireSession(), clientToken)))
+ if (!requestedViewSig.equals(generateViewSignature(context, form, !token.isAllowMultiplePosts(), token.isRequireSession(), clientToken)))
{
throw new UnauthorizedCommandException(viewId, "Form signature invalid");
}
@@ -115,7 +115,7 @@
writer.startElement(HTML.INPUT_ELEM, component);
writer.writeAttribute(HTML.TYPE_ATTR, HTML.INPUT_TYPE_HIDDEN, HTML.TYPE_ATTR);
writer.writeAttribute(HTML.NAME_ATTR, FORM_SIGNATURE_PARAM, HTML.NAME_ATTR);
- writer.writeAttribute(HTML.VALUE_ATTR, generateViewSignature(context, form, token.isRequireSession(), token.getClientUidSelector().getClientUid()), HTML.VALUE_ATTR);
+ writer.writeAttribute(HTML.VALUE_ATTR, generateViewSignature(context, form, !token.isAllowMultiplePosts(), token.isRequireSession(), token.getClientUidSelector().getClientUid()), HTML.VALUE_ATTR);
writer.endElement(HTML.INPUT_ELEM);
}
@@ -136,9 +136,13 @@
}
}
- private String generateViewSignature(FacesContext context, UIForm form, boolean useSessionId, String saltPhrase)
+ private String generateViewSignature(FacesContext context, UIForm form, boolean useRenderStamp, boolean useSessionId, String saltPhrase)
{
- String rawViewSignature = context.getExternalContext().getRequestContextPath() + "," + context.getViewRoot().getViewId() + "," + form.getClientId(context) + "," + form.getAttributes().get(RENDER_STAMP_ATTR);
+ String rawViewSignature = context.getExternalContext().getRequestContextPath() + "," + context.getViewRoot().getViewId() + "," + form.getClientId(context);
+ if (useRenderStamp)
+ {
+ rawViewSignature += "," + form.getAttributes().get(RENDER_STAMP_ATTR);
+ }
if (useSessionId)
{
rawViewSignature += "," + ((HttpSession) context.getExternalContext().getSession(true)).getId();
More information about the seam-commits
mailing list