[seam-dev] Extended validation constraints

Shane Bryzak sbryzak at redhat.com
Sun Jun 12 09:15:36 EDT 2011 

I would like to see it in 4.2, but that's just because I need it for a 
new Seam app I'm working on ;)  As for where it belongs, I'm not sure.. 
that's really up to Hardy and team to decide... off the top of my head I 
can't think of any particular other validations besides @WebSafe, 
however I'm sure that there will be other useful validations that would 
be worth implementing and possibly a HV Commons module would be the 
right place for them.

Shane


On 12/06/11 20:31, Gunnar Morling wrote:
> Hi Shane,
>
> the @WebSafe constraint is a great idea.
>
> I'm not totally sure what the right place for it would be, though. The
> constraints we have in HV so far are independent from any application
> layer. @WebSafe would be the first one specific to the web layer. You
> mentioned possible other constraints, do you have something specific
> in mind already?
>
> Maybe it would also be a good idea to have a separate library
> exclusively for custom constraints which could be used from everywhere
> ("HV Commons" or similar).
>
> I'm also CC'ing Hardy and Kevin from the HV team. What do you guys
> think? There is already a pull request with the constraint at GitHub.
> We already have a CR for 4.2. If we decide to add @WebSafe to HV do
> you think we should add this in 4.2 or to the next release?
>
> --Gunnar
>
>
> 2011/6/10 Shane Bryzak<sbryzak at redhat.com>:
>> Sure, if you think it's suitable.  Seam Validation is based on HV anyways.
>>
>> On 10/06/11 18:32, Emmanuel Bernard wrote:
>>> Why not in Hibernate Validator?
>>>
>>> On 10 juin 2011, at 10:02, Shane Bryzak wrote:
>>>
>>>> Hi Gunnar,
>>>>
>>>> I had an idea today for a new validation constraint called @WebSafe - in
>>>> summary what it would do is validate a rich text value provided by the
>>>> user to ensure that it contains no malicious code, such as embedded
>>>> <script>    elements.  The implementation for this would use JTidy to
>>>> convert the value to a DOM tree, after which it would walk the nodes of
>>>> the tree and locate any<script>    tags, and if any are present the
>>>> validation would fail.
>>>>
>>>> Anyway, the implementation isn't so important - what I was wondering
>>>> though is whether you think something like this would be useful to have
>>>> in the Seam Validation module.  I tend to think that it would be (and we
>>>> can probably come up with quite a few other useful validation
>>>> constraints also) but I would like to know what you think about this.
>>>>
>>>> Shane
>>>> _______________________________________________
>>>> seam-dev mailing list
>>>> seam-dev at lists.jboss.org
>>>> https://lists.jboss.org/mailman/listinfo/seam-dev
>>

More information about the seam-dev mailing list