Hi, Yeah, that's a good post from Rick. I'm also hesitant to add this to Tomcat just for a little performance gain: the portability losses are big. As for users who can't wait and click multiple times: numerous studies and my personal experience show it's always better to deal with this at the UI level (e.g. disable the button when it's clicked), so I don't buy that motivation.
Yoav Shapira http://www.yoavshapira.com >-----Original Message----- >From: Rick Knowles [mailto:[EMAIL PROTECTED] >Sent: Wednesday, October 27, 2004 11:24 AM >To: Tomcat Developers List >Subject: Re: method to protect webapps from users > >Peter, > >Is there anything you're doing with the request / response objects that >you couldn't do with Request/ResponseWrappers ? You could have your >filter populate a Request / Response Wrapper pair on the first request, >and then set the wrapper's request object to the second request when it >comes in. The effect would be that the second request could mimic the >first if you override the wrapper's methods to return the values from >the first request instead of the second. > >Note this is just another suggested option, with a view to preserving >the container agnosticism - personally I think container agnosticism is >a huge advantage, and I'd suggest trying to preserve it in your code if >you can. Don't make it container specific unless you absolutely have no >choice. > >There's a lot you can do with wrappers and faked input/output streams to >achieve the kind of goals you mentioned without tying it to a container. >I'll leave it for you to decide whether it's a better design choice or >not - no doubt others on this list would disagree with the above >approach, but I had to at least offer it. > >Rick > >-- >Servlet v2.4 container in a single 140KB jar file ? Try Winstone >(http://winstone.sf.net/) > > >--------------------------------------------------------------------- >To unsubscribe, e-mail: [EMAIL PROTECTED] >For additional commands, e-mail: [EMAIL PROTECTED] This e-mail, including any attachments, is a confidential business communication, and may contain information that is confidential, proprietary and/or privileged. This e-mail is intended only for the individual(s) to whom it is addressed, and may not be saved, copied, printed, disclosed or used by anyone else. If you are not the(an) intended recipient, please immediately delete this e-mail from your computer system and notify the sender. Thank you. --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
