-
Notifications
You must be signed in to change notification settings - Fork 743
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Spinner: serverside input validation #11830
Comments
Maverick-501
added
‼️ needs-triage
Issue needs triaging
🐞 defect
Bug...Something isn't working
labels
Apr 29, 2024
melloware
added a commit
to melloware/primefaces
that referenced
this issue
Apr 29, 2024
Agreed not sure how this got missed as |
melloware
added a commit
to melloware/primefaces
that referenced
this issue
Apr 29, 2024
melloware
added a commit
to melloware/primefaces
that referenced
this issue
Apr 29, 2024
melloware
changed the title
spinner: serverside input validation
Spinner: serverside input validation
Apr 29, 2024
melloware
added a commit
to melloware/primefaces
that referenced
this issue
Apr 29, 2024
melloware
added a commit
to melloware/primefaces
that referenced
this issue
Apr 29, 2024
melloware
added a commit
that referenced
this issue
Apr 29, 2024
melloware
added a commit
that referenced
this issue
Apr 29, 2024
melloware
added
🔒 security
Security related issue or enhancement
and removed
🐞 defect
Bug...Something isn't working
labels
Apr 29, 2024
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Describe the bug
The value of p:spinner is not validated on the serverside in relation to the min/max attributes.
I found the exact same issue here #3223 from 2018.
The issue was resolved but then reverted and never openend again.
I created a repoducer to show this is still an open issue in the newest version:
primefaces-test-jakarta.zip
p:inputNumber for example does a serverside check in the Renderer java class and the propsed fix in the issue from 2018 worked analog to that. Was there a reason why this was reverted and never fixed?
Reproducer
In developer tools (F12) update the spinner's value in the DOM to an invalid value (out of min/max range)
$('.ui-spinner-input.ui-inputfield').val("10000")
Then submit the form by pressing the button.
The value will now be shown as 1000 in "Value is:" altough max is set to 4.
Expected behavior
The value of p:spinner must be validated in relation to min/max on the server side.
PrimeFaces edition
None
PrimeFaces version
13.0.8
Theme
No response
JSF implementation
MyFaces
JSF version
4.0.2
Java version
17
Browser(s)
No response
The text was updated successfully, but these errors were encountered: