WebApp Sec mailing list archives
Re: When GET = POST?
From: Jason Childers <childers_j () yahoo com>
Date: Mon, 11 Nov 2002 10:17:34 -0800 (PST)
J2EE app servers allow for discretionary functionality based on the type of request that comes in, but it's more than common-place to just wrap the methods in question so that there's a single point of entry (or so it seems) into the webapp. Here's an excerpt from the javax.servlet.http.HTTPServlet class for J2EE 1.3.x: "Provides an abstract class to be subclassed to create an HTTP servlet suitable for a Web site. A subclass of HttpServlet must override at least one method, usually one of these: - doGet, if the servlet supports HTTP GET requests - doPost, for HTTP POST requests - doPut, for HTTP PUT requests - doDelete, for HTTP DELETE requests - init and destroy, to manage resources that are held for the life of the servlet - getServletInfo, which the servlet uses to provide information about itself" You can check out the javadocs here: http://java.sun.com/j2ee/sdk_1.3/techdocs/api/index.html Most webapp functionality is almost entirely dependent on doGet and doPost, and most webapps I've seen either wrap one or the other... for example: public class MyServlet extends HTTPServlet { public void doGet (Request req, Response resp) { // just forward this to the doPost method this.doPost(req, resp); } public void doPost (Request req, Response resp) { // do what you want to do with the request here } } Note that the above signatures aren't the exact method signatures, but they indicate the idea. I'm working with the Apache Struts framework right now which hides a lot of the controller implementation from the developer. I haven't take a look to see exactly what they do behind the scenes, whether they wrap functionality or not... but I'm about to, 'cause this thread has gotten me curious. ;) Hope that gives you some idea of how J2EE apps are being developed. Cheers, -Jason __________________________________________________ Do you Yahoo!? U2 on LAUNCH - Exclusive greatest hits videos http://launch.yahoo.com/u2
Current thread:
- When GET = POST? Chris Thomas (Nov 08)
- Re: When GET = POST? Alonso Robles (Nov 09)
- Re: When GET = POST? Jonas Anden (Nov 10)
- Re: When GET = POST? Vincent Janelle (Nov 10)
- Re: When GET = POST? Jonas Anden (Nov 10)
- Re: When GET = POST? David Bullock (Nov 09)
- RE: When GET = POST? Tony Welsh (Nov 09)
- Re: When GET = POST? Adrian Wiesmann (Nov 10)
- Re: When GET = POST? Kevin Spett (Nov 11)
- Re: When GET = POST? Jason Childers (Nov 11)
- Re: When GET = POST? Charles Miller (Nov 11)
- Re: When GET = POST? Jeff Dafoe (Nov 11)
- Re: When GET = POST? Jason Healy (Nov 11)
- Re: When GET = POST? Kevin Spett (Nov 12)
- Re: When GET = POST? Daniel Hedrick (Nov 12)
- Re: When GET = POST? Jeff Dafoe (Nov 11)
- <Possible follow-ups>
- Re: When GET = POST? Steven M. Christey (Nov 11)
- RE: When GET = POST? Glyn Geoghegan (Nov 14)
- RE: When GET = POST? Glyn Geoghegan (Nov 14)
- Re: When GET = POST? Alonso Robles (Nov 09)