OFBiz OFBiz - Dev

[jira] [Comment Edited] (OFBIZ-7270) Create New Shopping List - Security Error

Previous Topic Next Topic
 
classic Classic list List threaded Threaded
1 message Options
Nicolas Malin (Jira)
Reply | Threaded
Open this post in threaded view
|

[jira] [Comment Edited] (OFBIZ-7270) Create New Shopping List - Security Error

Nicolas Malin (Jira)

    [ https://issues.apache.org/jira/browse/OFBIZ-7270?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15322609#comment-15322609 ]

Mohammed Rehan Khan edited comment on OFBIZ-7270 at 6/10/16 6:29 AM:
---------------------------------------------------------------------

Thanks [~deepak.dixit] for reviewing the patch. I will check and update it accordingly.

One question: If I use input type submit instead of anchor tag then "Create  New" is getting displayed as button. I also tried to find out CSS property to make button to link. But I didn't find it.
I took the reference from this issue [OFBIZ-3001] which has been committed at -r r907342.
Please let me know if there is any better fix available for this.

--
Thanks    


was (Author: rehan.khan):
Thanks [~deepak.dixit] for reviewing the patch. I will check and update it accordingly.

One question: If I use input type submit instead of anchor tag then "Create  New" is getting displayed as button. I also tried to find out CSS property to make button to link. But I didn't find it.
Also Jacques has been fixed similar type of issue at -r r907342. Here is the link for the issue [OFBIZ-3001].

--
Thanks    

> Create New Shopping List - Security Error
> ------------------------------------------
>
>                 Key: OFBIZ-7270
>                 URL: https://issues.apache.org/jira/browse/OFBIZ-7270
>             Project: OFBiz
>          Issue Type: Sub-task
>          Components: specialpurpose/ecommerce
>    Affects Versions: Release Branch 13.07, Release Branch 14.12, Trunk, Release Branch 15.12
>            Reporter: Mohammed Rehan Khan
>            Assignee: Pranay Pandey
>         Attachments: OFBIZ-7270.patch
>
>
> Steps to reproduce:
> 1) Go to eCommerce
> 2) Click on shopping list tab
> 3) Click on create new link  
> Getting following security error:
> Error calling event: org.ofbiz.webapp.event.EventHandlerException: Found URL parameter [productStoreId] passed to secure (https) request-map with uri [createEmptyShoppingList] with an event that calls service [createShoppingList]; this is not allowed for security reasons! The data should be encrypted by making it part of the request body (a form field) instead of the request URL.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
Free forum by Nabble Edit this page