Skip to main content

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] [List Home]
Re: [faces-dev] Consider deprecating and dropping h:form prependId

+1

Kito Mann via faces-dev <faces-dev@xxxxxxxxxxx> escreveu (segunda, 6/01/2025 à(s) 16:58):
+1

___

Kito D. Mann | @kito99@mastodon.social LinkedIn
Java Champion | Google Developer Expert Alumni 
Expert consulting and training: Cloud architecture and modernization, Java/Jakarta EE, Web Components, Angular, Mobile Web
Virtua, Inc. | virtua.tech
+1 203-998-0403

* Enterprise development, front and back. Listen to Stackd Podcast.
* Speak at conferences? Check out SpeakerTrax.
On Jan 5, 2025 at 11:27 AM -0500, Manfred Riem via faces-dev <faces-dev@xxxxxxxxxxx>, wrote:

Go for it!

 

From: faces-dev <faces-dev-bounces@xxxxxxxxxxx> On Behalf Of Bauke Scholtz via faces-dev
Sent: Saturday, January 4, 2025 6:21 AM
To: faces developer discussions <faces-dev@xxxxxxxxxxx>
Cc: Bauke Scholtz <balusc@xxxxxxxxx>
Subject: [faces-dev] Consider deprecating and dropping h:form prependId

 

All,

 

Historically, `<h:form prependId="false">` was introduced in JSF 1.2 as sort of patch in order to be able to submit to the predefined URI `j_security_check` using a JSF form because that URI expects the exact input field names `username` and `password` without any (generated) prefix.

Since the introduction of programmatic login API `HttpServletRequest#login()` in Servlet 3.0, released at the same time as JSF 2.0, the `prependId=false` has become unnecessary as people can just invoke `HttpServletRequest#login()` in a backing bean action instead of explicitly submitting to the predefined URI `j_security_check`. Moreover, using `prependId=false` breaks the in JSF 2.0 introduced `f:ajax` and composite components as well as the in JSF 2.3 introduced `f:websocket` because it causes the `findComponent()` to not anymore work within naming containers, see also among others https://github.com/jakartaee/faces/issues/573

These days, people don't anymore use `<h:form prependId="false">` specifically to be able to submit to `j_security_check`, but they essentially abuse `prependId=false` generally to be able to use ids in CSS selectors without the need to escape them. But these people actually need to be re-educated about CSS best practices so that they don't anymore need ids in CSS selectors for non-unique elements/components, see also among others https://stackoverflow.com/a/5882502

All in all, using `<h:form prependId="false">` in JSF 2.x or newer is a red flag and is always discommended. We should deprecate the attribute and eventually remove it so people won't anymore fall into the trap. Do note that this attribute is absent in all naming container components other than `UIForm` and the community never reasonably requested for standardizing it in `NamingContainer`.

 

If there are no objections I will proceed merging https://github.com/jakartaee/faces/pull/1991

 

Cheers, B

_______________________________________________
faces-dev mailing list
faces-dev@xxxxxxxxxxx
To unsubscribe from this list, visit https://www.eclipse.org/mailman/listinfo/faces-dev
_______________________________________________
faces-dev mailing list
faces-dev@xxxxxxxxxxx
To unsubscribe from this list, visit https://www.eclipse.org/mailman/listinfo/faces-dev


--








"Só imprima esse e-mail se for realmente necessário, evite ao máximo o desperdício de papel. O papel reciclado utiliza aproximadamente 60% menos energia e água para ser feito do que o papel novo. Use papel reciclado."

Back to the top