[
https://issues.apache.org/jira/browse/OFBIZ-3862?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12991396#comment-12991396 ]
Bilgin Ibryam commented on OFBIZ-3862:
--------------------------------------
I'm also concerned about the security, but I think it is ok
> Ajax requests prevent externalLoginKey parameters from working correctly
> ------------------------------------------------------------------------
>
> Key: OFBIZ-3862
> URL:
https://issues.apache.org/jira/browse/OFBIZ-3862> Project: OFBiz
> Issue Type: Bug
> Components: framework
> Affects Versions: SVN trunk
> Reporter: Scott Gray
> Attachments: externalKey.patch, externalKey.patch
>
>
> A new external login key is generated for every request so if an ajax request fires on a page then the externalLoginKey used in any links on the page is invalidated.
--
This message is automatically generated by JIRA.
-
For more information on JIRA, see:
http://www.atlassian.com/software/jira
Locked
