Dissecting Java Server Faces for Penetration Testing - SecNiche ...
Dissecting Java Server Faces for Penetration Testing - SecNiche ...
Dissecting Java Server Faces for Penetration Testing - SecNiche ...
- No tags were found...
Create successful ePaper yourself
Turn your PDF publications into a flip-book with our unique Google optimized e-Paper software.
In this particular example, a regular expression is being used to limit the zipcode to five digits. Notice that you can include an error message as well, and allof this is done within the .xhtml page itself. A similar example using Facelets[17] is presented in listing 7.Listing 7: Generic Facelets ExampleThe JSF Reference Implementation (RI), codenamed ”Mojarra”, comes withits own tag library that also leverages regular expressions. Mojarra’s will per<strong>for</strong>m the same operation as discussed above. Furthermore,Mojarra’s tag library is armed with an tovalidate the proper <strong>for</strong>mat of credit cards [18].4.6.2 JSF 2.0 ValidationJSF 2.0 contains a collection of tags called validators. These are built in to theJSF 2.0 core library. JSF developers will find the following tags particularlyuseful <strong>for</strong> data validation:• : use this to validate that input falls between a minimumand maximum length• : use this to validate that numeric input fallsbetween a minimum and maximum value• : similar to validateLongRange, but used <strong>for</strong>double values• : use this to leverage regular expression validationHere is an example of JSF validators in use as presented in listing 8.User ID : User ID :Listing 8: Generic Usage of JSF Validators17