[Owasp-csrfguard] Fwd: <csrf:a> tag issue
pradtke at stanford.edu
Thu Jul 12 16:48:58 UTC 2012
You are mixing JSP scriplets with JSTL tags. That is generally
considered bad practice. The JSTL tag only can know EL variables and
won't resolve your scriplet variables.
On 7/11/12 1:04 PM, Amol Walunjkar wrote:
> I am using *<csrf:a>* tag for creating a hyperlink and for its *href
> *attribute I am using jsp expression as below
> <csrf:a href="myservlet?name=*/<%=somename%>/*" ></csrf:a>
> in above statement, "somename" is a jsp variable and provided by using
> jsp expression.
> Now when the form get submitted to the server, the */somename
> /*parameter value does not get transfer properly. Instead of sending the
> runtime value for the variable "somename" it send the value as
> /*This is NOT a problem when using regular <a> tag and only when I am
> using <csrf:a> tag I am getting this problem
> Is it known problem with this tag ?
> Please suggest the solution
> Owasp-csrfguard mailing list
> Owasp-csrfguard at lists.owasp.org
More information about the Owasp-csrfguard