Posts Tagged: spring-mvc

(I have recently encountered this with Spring 3.1) Want to validate your forms using Spring? Are you using the form tag and bind it with an object? Got the validator working? But still you just can’t seem to get these error messages showing up? Here is a gotcha that might help you out! Consider this controller: [sourcecode language=”java”] @Controller public class FormController { @RequestMapping("/form") public ModelAndView handleGet(@Valid TellAFriendForm backingForm, BindingResult bindingResult) { ModelAndView modelAndView = new ModelAndView("backingForm"); modelAndView.addObject("backingForm", backingForm); modelAndView.addObject("result", bindingResult); return modelAndView; } } [/sourcecode] With this jsp: [sourcecode language=”java”] <form:form method="POST" commandName="myForm" action="?">… Read Article →

Recently I have had the opportunity to fix a cross-site-scripting problem. The problem: a lot of JSON objects are being sent over the wire and the data is not being html escaped. This means that anyone who would put html data IN would get it out and make any user vulnerable for XSS attacks. In this case, JSON objects are being created by using the MappingJacksonHttpMessageConverter. This is deliverd by the Spring framework. Normally it is instantiated when you use spring-mvc (using the mvc-annotation tag). This allowed us to just return an object and the… Read Article →

Scroll To Top