Grails 2.5.6.
I use the filter class to check all my requests for XSS attacks. If the parameter can be harmful, we simply do not forward the request to the required interface.
This workflow works fine unless you use a command object as an argument to an interface. The variable is simply empty and without any parameters.
if (paramsValid) {
chain.doFilter(request, response)
}else {
println("ERROR");
response.setContentType("application/json");
response.setCharacterEncoding("utf-8");
PrintWriter out = response.getWriter();
response.setStatus(400);
out.print('{"success": false, "data": "Error validating request parameters"}');
out.flush();
return;
}
Then inside the controller interface:
def save(MappingCmd mapping) {
println(mapping);
The members of the mappingCmd class are always empty. Functionally works fine without a filter. How can I do this job?
Jacob source
share