Bug 32272 - enhancement for ImageTaglib
Summary: enhancement for ImageTaglib
Alias: None
Product: Taglibs
Classification: Unclassified
Component: Sandbox Taglibs (show other bugs)
Version: nightly
Hardware: All All
: P2 normal (vote)
Target Milestone: ---
Assignee: Tomcat Developers Mailing List
Keywords: PatchAvailable
Depends on:
Reported: 2004-11-17 13:47 UTC by Daniel C. Amadei
Modified: 2004-11-17 16:29 UTC (History)
0 users

ImageServlet patch (1.04 KB, patch)
2004-11-17 13:49 UTC, Daniel C. Amadei
Details | Diff
ImageTag patch (2.40 KB, patch)
2004-11-17 13:49 UTC, Daniel C. Amadei
Details | Diff
intro.xml patch (723 bytes, patch)
2004-11-17 13:51 UTC, Daniel C. Amadei
Details | Diff

Note You need to log in before you can comment on or make changes to this bug.
Description Daniel C. Amadei 2004-11-17 13:47:47 UTC

I'm uploading a patch for the ImageTag that makes it possible to store the 
image name in the HTTP session so there is no need to pass it as a parameter to 
the gen-image servlet and there is no way for a "hacker" to parse the HTML and 
discover the contents of the image if it is similar to the name of the image.

Useful in cases where the Image Tag is used to generate random numbers and 
these numbers are typed in a textbox to avoid "automated posts" to a form.

Daniel C. Amadei
Comment 1 Daniel C. Amadei 2004-11-17 13:49:19 UTC
Created attachment 13479 [details]
ImageServlet patch
Comment 2 Daniel C. Amadei 2004-11-17 13:49:42 UTC
Created attachment 13480 [details]
ImageTag patch
Comment 3 Daniel C. Amadei 2004-11-17 13:51:45 UTC
Created attachment 13481 [details]
intro.xml patch
Comment 4 Daniel C. Amadei 2004-11-17 13:53:09 UTC
To use this new feature, just add the usingImageNameInSession="true" to the tag 

When checking the source code generated by the JSP where the taglib is located 
the following will be seen:

Comment 5 Felipe Leme 2004-11-18 01:29:13 UTC