Force JSF to process, validate and update readonly/disabled input components anyway

validation jsf

Solution 1:

That's the effect of JSF's safeguard against tampered/attacked requests wherein the hacker attempts to circumvent the readonly (and disabled) attribute by manipulating the HTML DOM and/or the HTTP request.

Instead of

<x:inputXxx ... readonly="true">

use

<x:inputXxx ... readonly="#{facesContext.currentPhaseId.ordinal eq 6}">

or

<x:inputXxx ... readonly="#{not facesContext.postback or facesContext.renderResponse}">

This makes sure that readonly is only effective during render response phase and not during all other JSF phases. So, when JSF is about to decode the input component during the apply request values phase, it will consider readonly="false" this way.

See also:

  • other uses of #{facesContext.currentPhaseId.ordinal}

Solution 2:

The key codes for the top row of numbers are 48-57 so you could write a function to disable keypress on those characters.

Something like this 

function disableEnter(event) {
    var charCode = (event.which) ? event.which : event.keyCode;
    if (charCode > 31  && (charCode > 47 || charCode < 58)) {
        return false;}
    } else return true;
}

<h:inputText onkeypress="return disableEnter(event);" />

Related

JavaFX - Background Thread for SQL Query
GROUP BY and aggregate sequential numeric values
Passing a value from one form to another form
Typescript check object by type or interface at runtime with typeguards in 2020+
LINQ recursion function?
"constructing" a trivially-copyable object with memcpy
<iframe> javascript access parent DOM across domains?
How to form a correct MySQL connection string? [closed]
Python comparison operators chaining/grouping left to right?
Security OVAL files seem to give false positives
wine install E: Unable to correct problems, you have held broken packages [duplicate]
Xubuntu tiling: how to maximize terminal window for partial tiling?