Uploaded image for project: 'MyFaces Core'
  1. MyFaces Core
  2. MYFACES-164

Server-side state should be held

    XMLWordPrintableJSON

Details

    • Improvement
    • Status: Closed
    • Critical
    • Resolution: Fixed
    • 1.0.9m9
    • 1.1.2
    • None
    • None
    • WindowsXP SP2;J2SE1.4.2_07;Tomcat4.1.31

    Description

      "When I navigate back to a form that has previously been submitted, using the browser back button, I need to click the submit button twice in order for the form to actually resubmit".
      In the mailing list (myfaces-user at 15 Nov 2004), Manfred said "This problem does not exist for client-side state saving".
      To be sure, it seems work correctly, but client-side state saving have security problems.
      Client-side state is non encrypted data, so users can see the state, and tamper with it.
      It is necessary to hold sever-side state like JSF-RI 1.1_01 to use MyFaces for secure application.

      Attachments

        Issue Links

          is duplicated by

          Bug - A problem which impairs or prevents the functions of the product. MYFACES-32 Multiple browser window problem with server state saving

          • Minor - Minor loss of function, or other problem where easy workaround is present.
          • Closed
          relates to

          Bug - A problem which impairs or prevents the functions of the product. MYFACES-543 Problems handling simultaneous request from the same session

          • Major - Major loss of function.
          • Closed

          Activity

            People

              Unassigned Unassigned
              t_yamo yamo
              Votes:
              3 Vote for this issue
              Watchers:
              3 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved: