The <html:form> tag will (or should!) render a hidden field, on your html form, containing the token value.
Paul > -----Original Message----- > From: andy wix [mailto:[EMAIL PROTECTED] > Sent: Wednesday, September 29, 2004 5:18 PM > To: [EMAIL PROTECTED] > Subject: Refresh problem > > > Hi, > > I have a screen which lists some names in a table and has a > delete option > which calls an action to delete the associated name and then > the view page > shows the updated list. > If you do a delete and then select refresh on the browser, > the resulting > request is for another delete which is clearly undesirable. > I am trying to > use tokens to fix this but always get a false from the call to (NOT) > istokenValid (i.e., I cannot now do the delete at all). > > my struts-config enties are: > > <action path="/viewNames" > type="com.me.test.actions.SetTokenAction"> > <forward > name="success" > path="fulluser.names.view"/> > </action> > > <action path="/deleteName" > type="com.me.test.actions.DeleteNameAction"> > <forward > name="success" > path="/do/viewNames"/> > </action> > > and the actions are: > [SetTokenAction] > .... > saveToken(request); > return (mapping.findForward("success")); > > [DeleteNameAction] > > .... > if (!isTokenValid(request)) > return (mapping.findForward("success")); > > // do the delete > ..... > > // reset the token > resetToken(request); > > > When in the view page, both clicking delete and doing a > refresh change the > token's value. > The Action class API states that the 'isTokenValid' method > compares the > session token with the one in the request but I never see one in the > request. > > The logic seems sound so am I missing something (except a > servicable brain)? > > Thanks, > Andy > > _________________________________________________________________ > Express yourself instantly with MSN Messenger! Download today > - it's FREE! > hthttp://messenger.msn.click-url.com/go/onm00200471ave/direct/01/ > > > --------------------------------------------------------------------- > To unsubscribe, e-mail: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] > ********************************************************************** Axios Email Confidentiality Footer Privileged/Confidential Information may be contained in this message. If you are not the addressee indicated in this message (or responsible for delivery of the message to such person), you may not copy or deliver this message to anyone. In such case, you should destroy this message, and notify us immediately. If you or your employer does not consent to Internet email messages of this kind, please advise us immediately. Opinions, conclusions and other information expressed in this message are not given or endorsed by my Company or employer unless otherwise indicated by an authorised representative independent of this message. WARNING: While Axios Systems Ltd takes steps to prevent computer viruses from being transmitted via electronic mail attachments we cannot guarantee that attachments do not contain computer virus code. You are therefore strongly advised to undertake anti virus checks prior to accessing the attachment to this electronic mail. Axios Systems Ltd grants no warranties regarding performance use or quality of any attachment and undertakes no liability for loss or damage howsoever caused. ********************************************************************** --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
