Why setDisallowedFields for id? - Spring loop example

Question

Why setDisallowedFields for id? - Spring loop example

From the Spring API, I realized that @InitBinder used to initialize some binding rules.

In the loop example, why do we have setdisallowed("id") ? when the id is not displayed on the form?

 @InitBinder public void setAllowedFields(WebDataBinder dataBinder) { dataBinder.setDisallowedFields("id"); }

The id field does not appear on the web page, why do we use the above code?

can we say something:

 @InitBinder public void setAllowedFields(WebDataBinder dataBinder) { dataBinder.setDisallowedFields("FirstName"); }

according to the above code, the field of the first name of the owner’s object will not be set if the user enters the form? It is right?

source link

+6

spring spring-mvc

javanoob Sep 27 '10 at 6:12

source share

1 answer

Bozho · Accepted Answer · 2010-09-27T08:02:43+0000

Because it can still be sent if the end user changes the page or request (for example, using FireBug). That way, it can enter values into your related object, even if you don't want to.

Why setDisallowedFields for id? - Spring loop example

More articles: