Menu
I am creating a calculator where a user can do the various operations by clicking on virtual numpad. Now I want to restrict the user to only select the various characters by clicking on the buttons and s/he should not be able to enter the values using keyboard. I tried using readonly="true" but it is neither validating the input nor setting the values in the bean when we click on any button.
Do we have any such restrictions available in jsf?
734
That's the effect of JSF's safeguard against tampered/attacked requests wherein the hacker attempts to circumvent the readonly (and disabled) attribute by manipulating the HTML DOM and/or the HTTP request.
Instead of
<x:inputXxx ... readonly="true">
use
<x:inputXxx ... readonly="#{facesContext.currentPhaseId.ordinal eq 6}">
or
<x:inputXxx ... readonly="#{not facesContext.postback or facesContext.renderResponse}">
This makes sure that readonly is only effective during render response phase and not during all other JSF phases. So, when JSF is about to decode the input component during the apply request values phase, it will consider readonly="false" this way.
#{facesContext.currentPhaseId.ordinal}
118
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
