在Safari中使用iframe时,Glassfish 3.1上的JSF 2.0 ViewExpiredException [英] JSF 2.0 ViewExpiredException on Glassfish 3.1 when using iframe in Safari
问题描述
我有一个在glassfish 3.1上运行的JSF 2.0 Web应用程序,可以在IE,FF,Safari和Chrome上正常运行。
I have a JSF 2.0 web application running on glassfish 3.1 that is working fine on IE, FF, Safari and Chrome.
当我添加网站的网址时在另一个网站的iframe内部,然后我点击iframe中的任何按钮后得到ViewExpiredException - 这只发生在Safari上,在IE,FF,Chrome中正常工作。
When I added the url of my website inside a iframe of another website then I am getting ViewExpiredException after clicking any button inside iframe - This happens only on Safari, works fine in IE, FF, Chrome.
<iframe style="width: 100%; height: 800px" src="url_of_my_website" frameBorder="0"></iframe>
以下是我的观察
- 在glassfish 3.0.1上部署相同的应用程序并且问题不会发生
- 如果我打开没有框架的网站,无论浏览器如何都能正常工作
- 使用JSF1.2和RF 3.3.3开发相同的应用程序并且问题不会发生
根据我的理解,当会话过期的页面上执行任何操作时,我们会收到ViewExpiredException。但在这种特殊情况下,它恰好在网站加载后发生。
As per my understanding, we get ViewExpiredException when any action is performed on a page whose session is expired. But in this particular case it happens just after the website gets load loaded.
我不确定导致它的原因。它是Safari / JSF 2.0 / GF 3.1 / IFRAME吗?
I'm not sure about what's causing it. Is it Safari/JSF 2.0/GF 3.1/IFRAME?
更新:
我发现了一个有趣的问题。在我的主页上,我有一个h:commandLink,它将我重定向到一个新页面。此外,我有一个href链接重定向到其他页面。当我点击commandLink时,我收到了ViewExpiredException但是当我点击href链接时,我没有得到任何异常,页面被重定向,我可以继续进行进一步的操作,因为会话cookie已经建立。
Update: I found an interesting problem. On my home page, I have a h:commandLink that redirects me to a new page. Also, I have a href link to redirect to some other page. When I click on the commandLink, I'm getting ViewExpiredException but when I click on href link, I'm not getting any exceptions and the page is redirected and I can proceed with further operations as session cookie is getting established.
推荐答案
这确实是已知问题。 Safari不允许跨域cookie。此浏览器只会忽略iframe提供的任何Cookie。 HTTP会话由cookie支持。所以它也不会被维护。因此,当您在iframe中提交JSF表单时,Safari将不会发回会话cookie,服务器端将隐式创建新会话,因此在初始会话中设置的视图完全丢失。因此 ViewExpiredException 。
This is indeed a known problem. Safari does not allow crossdomain cookies. Any cookies delivered by an iframe will just be ignored by this browser. The HTTP session is backed by a cookie. So it won't be maintained as well. Thus, when you submit a JSF form inside an iframe, then Safari won't send the session cookie back and the server side will implicitly create a new session and thus the view which was set in the initial session is completely lost. Hence the ViewExpiredException.
理论上,这可以解决为包含 JSESSIONID 片段在JSF生成的HTML < form> 元素的 action URL中。例如,
In theory, this can be solved to include the JSESSIONID fragment in the action URL of the JSF-generated HTML <form> element. E.g.
<form action="/context/page.xhtml;JSESSIONID=1234567890ABCDEF">
然而,JSF已经这样做了。它使用了 HttpServletResponse #creditURL() 。它在JSF 2上不起作用,而它显然在JSF 1.2上运行对我来说是一个谜。但你现在至少要集中注意力。 HttpServletResponse #creditURL()在 JSESSIONID 里面返回正确编码的URL吗?生成的HTML < form> 是否包含 JSESSIONID ?等等。使用Mojarra时,在调试时以 FormRenderer#getActionStr()方法开始。
However, JSF already does that. It uses under the covers HttpServletResponse#encodeURL() for that. That it didn't work for you on JSF 2 while it apparently worked on JSF 1.2 is for me a mystery. But you have now at least something to concentrate on. Did HttpServletResponse#encodeURL() return the properly encoded URL with JSESSIONID inside? Does the generated HTML <form> include the JSESSIONID? Etc. When using Mojarra, start with FormRenderer#getActionStr() method while debugging.
无论如何,另一个解决方案是为此使用JavaScript。在加载要在iframe中显示的JSF页面时执行以下操作。应在JSF页面中嵌入以下脚本启动示例,以便评估#{} 。
Anyway, another solution is to use JavaScript for this. Do something like the following during onload of the JSF page which is to be displayed inside an iframe. The following script kickoff example should be embedded inside the JSF page so that #{} will be evaluated.
window.onload = function() {
if (top != self) { // If true, then page is been requested inside an iframe.
var jsessionid = '#{session.id}';
var forms = document.forms;
for (var i = 0; i < forms.length; i++) {
forms[i].action += ';JSESSIONID=' + jsessionid;
}
}
}
此应不会损害Safari以外的浏览器。
This should not harm browsers other than Safari.
这篇关于在Safari中使用iframe时,Glassfish 3.1上的JSF 2.0 ViewExpiredException的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
