tags:

views:

56

answers:

1
Q: 

Using Spring and Jackson to Render JSON without affecting all Views

http://stackoverflow.com/questions/3121252/spring-mvc-ajax-and-json-using-custom-view-resolver-and-custom-view

Here I've gotten a view to display JSON by adding ".json" to the end of a URL, but using this method a visitor to the site can just put .json at the end of any URL they please and often it will result in an exception that gives too much information regarding the back end code.

I could catch the exception and provide a more user friendly error message, but I'm not sure if that's the best way to handle this since the times that I'd want to convert an object to JSON is actually quite limited and will really only be used for administration pages, is there a way to limit this feature to specific URLs, controllers, or controller methods?

Edit: This isn't about URLs that aren't mapped giving exceptions, It's about real URL's with ".json" after it that are mapped trying to render their contents as JSON when that isn't what is needed

I'm not worried about the exception I'm getting, it makes sense that I'm getting it, I'm saying that some URL's, in fact MOST URLs shouldn't be able to be taken as JSON, and putting ".json" after it should just return a 404

+1  A: 

I think is a problem more about security. If you're using a framework like Spring Security you can control that some URL like **.json can only be reached by some users (for instance the administrator, if they're only used in the admin pages).

Javi  2010-06-30 07:43:17
While I agree that this is a reasonable approach, I'm interested in other answers. I am fully willing to abandon the ".json" URL's entirely, and would prefer to have a simple way to specify controller methods that return JSON, than add a security aspect that is necessary because of a small subset of controller methods
walnutmon  2010-06-30 12:54:14
In Grails you can say "return myThing AS JSON", I like that style approach more for this kind of use case
walnutmon  2010-06-30 12:55:16

related questions

Java Time Zone is messed up
Eclipse on win64
Automate builds for Java RCP for deployment with JNLP
Why are professors or schools picking Java over C++ to teach to students?
Is there a real benefit of using J#?
Public/Popular Websites using JavaServer Faces
Why can't I use a try block around my super() call?
Accessing post variables using Java Servlets
Personal Linux web server
Is this really widening vs autoboxing?
How can I Java webstart multiple, dependent, native libraries?
Why can't I call toString() on a Java primitive?
How do I use Java to read from a file that is actively being written?
What code analysis tools do you use for your Java projects?
IllegalArgumentException or NullPointerException for a null parameter?
How do I configure and communicate with a serial port?
What is the best way to parse strings in Java
Getting started with a custom JXTA PeerGroup
Creating a custom button in Java
How to get started "writing" a code coverage tool?
Which Build-/Configuration Management Tool?
What is the difference between an int and an Integer in Java/C#?
What is the meaning of the type safety warning in certain Java generics casts?
How would you access Object properties from within an object method?
Converting CSV File to XML in Java