Spinner: serverside input validation #11830
Comments
Maverick-501
added
‼️ needs-triage
melloware
added a commit
to melloware/primefaces
that referenced
this issue
Apr 29, 2024
|
Agreed not sure how this got missed as |
melloware
added a commit
to melloware/primefaces
that referenced
this issue
Apr 29, 2024
melloware
added a commit
to melloware/primefaces
that referenced
this issue
Apr 29, 2024
melloware
changed the title
melloware
added a commit
to melloware/primefaces
that referenced
this issue
Apr 29, 2024
melloware
added a commit
to melloware/primefaces
that referenced
this issue
Apr 29, 2024
melloware
added a commit
that referenced
this issue
Apr 29, 2024
melloware
added a commit
that referenced
this issue
Apr 29, 2024
melloware
added
🔒 security
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Describe the bug
The value of p:spinner is not validated on the serverside in relation to the min/max attributes.
I found the exact same issue here #3223 from 2018.
The issue was resolved but then reverted and never openend again.
I created a repoducer to show this is still an open issue in the newest version:
primefaces-test-jakarta.zip
p:inputNumber for example does a serverside check in the Renderer java class and the propsed fix in the issue from 2018 worked analog to that. Was there a reason why this was reverted and never fixed?
Reproducer
In developer tools (F12) update the spinner's value in the DOM to an invalid value (out of min/max range)
$('.ui-spinner-input.ui-inputfield').val("10000")Then submit the form by pressing the button.
The value will now be shown as 1000 in "Value is:" altough max is set to 4.
Expected behavior
The value of p:spinner must be validated in relation to min/max on the server side.
PrimeFaces edition
None
PrimeFaces version
13.0.8
Theme
No response
JSF implementation
MyFaces
JSF version
4.0.2
Java version
17
Browser(s)
No response
The text was updated successfully, but these errors were encountered: