ATG Form Handler Best Practices Do's
· Each and every JSP page should be associated with one form handler; it may be custom or OOTB form
handler
· Avoid reusing custom formhandler; ideally it should be one to one mapping between page and custom
formhandler. This will reduce the maintenance effort and increase the readability.
· Formhandler scope may be request or session, request scope is always recommended. Sometimes we
can define session scope if the formhandler is called several times in one session, to avoid creation of
multiple copies. But be very careful, you need to reset and initialize formhandler field after usage.
· Formhandler should only refer to same scope or higher scope component i.e. session formhandler should
never refer to any request scope component; sessionàsession and sessionàglobal are valid and allowed.
Never useNucleus.resolveName to resolve component to fix this bad scoping reference, this is very
extremely expensive call. Better re-think about your component architecture.
· Formhandler should never refer to another formhandler. If they share form fields, better put those fields in
base formhandler and then extend it. If this doesn’t solve well the purpose and makes your design
complex, move common method to manager and refer it from formhandler to reuse code. ATG
formhandlers are designed to be invoked from page. If you use it through component reference in other
components, you may miss initialization beforeSet and afterSet callback methods.
· All page data should be passed through formhandler, avoid passing any attribute through request and
session.
· Set the priority of the field to "-10" for required input fields other than submit button, so that it gets
invoked after all of the setters have been called.
· Return false from formhandler handler method if you are done with the page and no need to process the
page further.
· Return true to redirect to success page.
ATG Best Practices Form Handler Dont's
· Don’t mix business logic with presentation: Formhandler and JSP page should not have any business logic.
It should only contain page field’s validation. All business logic regarding validation should be defined in
global component and
formhandler should refer to it in handler method.
o Reusable components: Different formhandlers will be able to reuse the components.
o Separation of business logic and presentation logic: You can change the way data is displayed
without affecting business logic. In other words, web page designers can focus on presentation and
Java developers can focus on business logic.
· Don’t use formhandler to load the page information, use droplet to populate data for display
o They can eliminate scriptlets in your JSP applications. Any necessary parameters to the droplet can be
passed as attributes, and therefore no Java code is needed to initialize or set component properties.
o They have simpler syntax. Scriptlets are written in Java code, but OOTB or custom Droplet can be
used in an HTML-like syntax.
o They can improve the productivity of frontend or content developers
o They are reusable. They save development and testing time. Scriptlets are not reusable, unless you call
cut-and-paste "reuse."
· Never call nucleus component and web services from Page. This may be fast and easy to use but at the
cost of many other important features of formhandler like field security, cross scripting attack, encoding
and decoding.
· Never set successUrl, errorUrl and other url for redirect from JSP page. This should be set into
formhandler properties files. Defining redirect urls on page increase the risk of cross-site scripting attacks.
· Try not to re-invent the wheel: ATG provides wide range of ATG OOTB droplets and formhandlers.
Check to see if what you want is already available. Avoid writing formhandler from scratch, find the
component closest in functionality to what the application needs and extend it if needed.
No comments:
Post a Comment