[jira] [Commented] (OFBIZ-7306) Delete Customer Tax Auth Info link is not working - Security Error

Previous Topic Next Topic
 
classic Classic list List threaded Threaded
1 message Options
Reply | Threaded
Open this post in threaded view
|

[jira] [Commented] (OFBIZ-7306) Delete Customer Tax Auth Info link is not working - Security Error

Nicolas Malin (Jira)

    [ https://issues.apache.org/jira/browse/OFBIZ-7306?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15327348#comment-15327348 ]

Jacques Le Roux commented on OFBIZ-7306:
----------------------------------------

It seems to me that this is a duplicate of OFBIZ-4106, please check, thanks

> Delete Customer Tax Auth Info link is not working - Security Error
> ------------------------------------------------------------------
>
>                 Key: OFBIZ-7306
>                 URL: https://issues.apache.org/jira/browse/OFBIZ-7306
>             Project: OFBiz
>          Issue Type: Sub-task
>          Components: specialpurpose/ecommerce
>    Affects Versions: Release Branch 13.07, Release Branch 14.12, Trunk, Release Branch 15.12
>            Reporter: Mohammed Rehan Khan
>            Assignee: Pranay Pandey
>
> Steps to reproduce:
> 1) Go to eCommerce
> 2) Click on profile tab
> 3) Add customer tax auth info from "Tax Identification and Exemption" section.
> 4) Click on delete icon.
> Getting following security error:
> Error calling event: org.ofbiz.webapp.event.EventHandlerException: Found URL parameter [partyId] passed to secure (https) request-map with uri [deleteCustomerTaxAuthInfo] with an event that calls service [deletePartyTaxAuthInfo]; this is not allowed for security reasons! The data should be encrypted by making it part of the request body (a form field) instead of the request URL.
>  



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)