JSF 2.0 View Scope后退按钮安全吗? [英] Is JSF 2.0 View Scope back-button safe?

问题描述

JSF 2.0 View Scope的后退按钮"是否安全?例如如果我将模型存储在View Scope中，并从第1页，第2页，第3页到第4页，一路修改模型对象(通过输入字段)，然后按两次返回按钮返回到第2页并进行更改(再次转到第3页)，视图范围中的模型将仅具有最初呈现第2页时所做的更改，还是具有以后页面的更改?

Is the JSF 2.0 View Scope "back button" safe? e.g. if I store a model in View Scope and go from page 1, page 2, page 3, to page 4, modifying the model object along the way (via input fields), and then hit the back button twice to go back to page 2 and make changes (taking me again to page 3), will the model in view scope have only changes that were made when page 2 was originally rendered or will it have later pages' changes?

Oracle ADF拥有/拥有一个称为过程范围"的东西，它通过标记放置在会话中的内容来进行处理，因此每个页面都有其自己的模型副本.

Oracle ADF had/has something called "process scope" that handles this by tokenizing what is placed into session, so each page has its own copy of the model.

推荐答案

首先，将视图范围绑定到特定的页面/视图.多个视图不会共享同一视图范围的Bean.视图范围从初始的GET请求开始，并在POST操作以非null返回值进行导航时停止.

To start, the view scope is bound to a particular page/view. Multiple views won't share the same view scoped bean. The view scope starts with an initial GET request and stops when a POST action navigates with a non-null return value.

通常存在以下情况，具体取决于是否指示浏览器缓存页面以及JSF状态保存配置.我假设这些页面之间的导航是通过POST请求进行的(这听起来很像向导"方案).

There are in general the following scenarios, depending on whether the browser is instructed to cache the page or not and the JSF state saving configuration. I'll assume that the navigation between those pages took place by a POST request (as it sounds much like the "Wizard" scenario).

按下后退按钮时:

• 如果指示浏览器将页面保存在缓存中，则浏览器将从缓存中加载页面.先前输入的所有输入值将从浏览器缓存中重新出现(因此不会从服务器端的视图作用域Bean中出现！).在此页面上执行POST请求时的行为进一步取决于javax.faces.STATE_SAVING_METHOD配置设置:
  • 如果将其设置为server(默认值)，则会出现ViewExpiredException，因为在从一个页面导航到另一页面后，服务器端的视图状态已被废弃.
  • 如果设置为client，则它将正常工作，因为整个视图状态都包含在表单的隐藏输入字段中.
  • If browser is instructed to save the page in cache, then browser will load the page from the cache. All previously entered input values will reappear from the browser cache (thus not from the view scoped bean in the server side!). The behavior when you perform a POST request on this page depends further on the javax.faces.STATE_SAVING_METHOD configuration setting:
    • If set to server (default), then a ViewExpiredException will occur, because the view state is trashed at the server side right after POST navigation from one to other page.
    • If set to client, then it will just work, because the entire view state is contained in a hidden input field of the form.

    在包含有条件渲染的步骤并在向导部分本身提供后退按钮的单个视图上执行向导"方案更加容易.

    It's easier to perform the "Wizard" scenario on a single view which contains conditionally rendered steps and offer a back button on the wizard section itself.

    • javax.faces.application.ViewExpiredException :无法恢复视图
    • 在JSF 2.0中使用什么范围向导模式?
    • javax.faces.application.ViewExpiredException: View could not be restored
    • What scope to use in JSF 2.0 for Wizard pattern?

    这篇关于JSF 2.0 View Scope后退按钮安全吗?的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！