On Thu, 16 Aug 2012 06:10:06 -0300, kheldar666 <mar...@liber-mundi.org>
wrote:
Hi all,
Hi!
In AppModule.java
public static void bind(ServiceBinder binder) {
binder.bind(HttpServletRequestFilter.class,
XSSFilterImpl.class).withId("XssFilter");
}
/*
* XSS Filtering
*/
@Contribute(HttpServletRequestHandler.class)
public static void httpServletRequestHandler(OrderedConfiguration
configuration,
@InjectService("XssFilter")
HttpServletRequestFilter
xssFilter) {
configuration.add("XssFilter", xssFilter, "after:IgnoredPaths",
"before:GZIP");
}
Does it really need to be an HttpServletRequestFilter? It will be invoked
for all requests, including resource (images, etc) ones, even the ones
that aren't handle by Tapestry itself. If possible, write a RequestFilter
instead.
In addition, make sure the ordering constraints are sufficient, and from
your description of the problem they are not. In other words, it should
come before the one that handles Tapestry requests.
--
Thiago H. de Paula Figueiredo
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscr...@tapestry.apache.org
For additional commands, e-mail: users-h...@tapestry.apache.org
