icyneko
commented
5 years ago Upon further review, our jsp does two things: 1) it sets the results flag 2) it then sets the dispatcher.
I put a system out on the ParamFilteredRequest method and the system out on the body variable does show the dispatch value, However, it does not retain it when it passes through your filter. So I'm wondering if the blacklist is stripping it.
philippebn
Hi there.
My application has a function that displays search results on the same screen, but hidden behind a #results tag that we use to trigger the display of the search results or not, along with normal struts navigation. When applying your filter, when we navigate to a blah.do operation, we're fine. However, when we do blah.do#results, it causes a cascading core dump:
javax.servlet.ServletException: Request[/runSearch] does not contain handler parameter named 'dispatch'. This may be caused by whitespace in the label text.
I'm suspecting it has to do with the regex, which I used the suggested one:
Do you have any suggestions on how to address this issue?