[jira] Created: (OFBIZ-2490) Show Lookup field - security related error
Locked
[jira] Created: (OFBIZ-2490) Show Lookup field - security related error
 
|
Show Lookup field - security related error
------------------------------------------ Key: OFBIZ-2490 URL: https://issues.apache.org/jira/browse/OFBIZ-2490 Project: OFBiz Issue Type: Sub-task Components: order Affects Versions: SVN trunk Environment: Trunk Reporter: Aswath Satrasala Fix For: SVN trunk Go to FindOrders Click on 'LookupOrders'. OrderFound screen will be displayed Click on 'ShowLookupFields' The Following Errors Occurred: Error calling event: org.ofbiz.webapp.event.EventHandlerException: Found URL parameter [viewIndex] passed to secure (https) request-map with uri [searchorders] with an event that calls service [findOrders]; this is not allowed for security reasons! The data should be encrypted by making it part of the request body (a form field) instead of the request URL. Moreover it would be kind if you could create a Jira sub-task of https://issues.apache.org/jira/browse/OFBIZ-2330 (check before if a sub-task for this error does not exist). If you are not sure how to create a Jira issue please have a look before at http://docs.ofbiz.org/x/r. Thank you in advance for your help. -- This message is automatically generated by JIRA. - You can reply to this email to add a comment to the issue online. |
[jira] Updated: (OFBIZ-2490) Show Lookup field - security related error
|
|
[ https://issues.apache.org/jira/browse/OFBIZ-2490?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Aswath Satrasala updated OFBIZ-2490: ------------------------------------ Attachment: LookupAndHide.patch Please review the patch > Show Lookup field - security related error > ------------------------------------------ > > Key: OFBIZ-2490 > URL: https://issues.apache.org/jira/browse/OFBIZ-2490 > Project: OFBiz > Issue Type: Sub-task > Components: order > Affects Versions: SVN trunk > Environment: Trunk > Reporter: Aswath Satrasala > Fix For: SVN trunk > > Attachments: LookupAndHide.patch > > > Go to FindOrders > Click on 'LookupOrders'. > OrderFound screen will be displayed > Click on 'ShowLookupFields' > The Following Errors Occurred: > Error calling event: org.ofbiz.webapp.event.EventHandlerException: Found URL parameter [viewIndex] passed to secure (https) request-map with uri [searchorders] with an event that calls service [findOrders]; this is not allowed for security reasons! The data should be encrypted by making it part of the request body (a form field) instead of the request URL. Moreover it would be kind if you could create a Jira sub-task of https://issues.apache.org/jira/browse/OFBIZ-2330 (check before if a sub-task for this error does not exist). If you are not sure how to create a Jira issue please have a look before at http://docs.ofbiz.org/x/r. Thank you in advance for your help. -- This message is automatically generated by JIRA. - You can reply to this email to add a comment to the issue online. |
[jira] Closed: (OFBIZ-2490) Show Lookup field - security related error
|
|
In reply to this post by Nicolas Malin (Jira)
[ https://issues.apache.org/jira/browse/OFBIZ-2490?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Jacques Le Roux closed OFBIZ-2490. ---------------------------------- Resolution: Fixed Fix Version/s: Release Branch 9.04 Assignee: Jacques Le Roux Thanks Aswath, Your patch is in trunk at revision: 776227 and R9.04 at r776229. > Show Lookup field - security related error > ------------------------------------------ > > Key: OFBIZ-2490 > URL: https://issues.apache.org/jira/browse/OFBIZ-2490 > Project: OFBiz > Issue Type: Sub-task > Components: order > Affects Versions: SVN trunk > Environment: Trunk > Reporter: Aswath Satrasala > Assignee: Jacques Le Roux > Fix For: Release Branch 9.04, SVN trunk > > Attachments: LookupAndHide.patch > > > Go to FindOrders > Click on 'LookupOrders'. > OrderFound screen will be displayed > Click on 'ShowLookupFields' > The Following Errors Occurred: > Error calling event: org.ofbiz.webapp.event.EventHandlerException: Found URL parameter [viewIndex] passed to secure (https) request-map with uri [searchorders] with an event that calls service [findOrders]; this is not allowed for security reasons! The data should be encrypted by making it part of the request body (a form field) instead of the request URL. Moreover it would be kind if you could create a Jira sub-task of https://issues.apache.org/jira/browse/OFBIZ-2330 (check before if a sub-task for this error does not exist). If you are not sure how to create a Jira issue please have a look before at http://docs.ofbiz.org/x/r. Thank you in advance for your help. -- This message is automatically generated by JIRA. - You can reply to this email to add a comment to the issue online. |
[jira] Commented: (OFBIZ-2490) Show Lookup field - security related error
|
|
In reply to this post by Nicolas Malin (Jira)
[ https://issues.apache.org/jira/browse/OFBIZ-2490?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12711035#action_12711035 ] Ravindra Mandre commented on OFBIZ-2490: ---------------------------------------- This is not fixed yet and I am getting same error message on demo server by following above steps. > Show Lookup field - security related error > ------------------------------------------ > > Key: OFBIZ-2490 > URL: https://issues.apache.org/jira/browse/OFBIZ-2490 > Project: OFBiz > Issue Type: Sub-task > Components: order > Affects Versions: SVN trunk > Environment: Trunk > Reporter: Aswath Satrasala > Assignee: Jacques Le Roux > Fix For: Release Branch 9.04, SVN trunk > > Attachments: LookupAndHide.patch > > > Go to FindOrders > Click on 'LookupOrders'. > OrderFound screen will be displayed > Click on 'ShowLookupFields' > The Following Errors Occurred: > Error calling event: org.ofbiz.webapp.event.EventHandlerException: Found URL parameter [viewIndex] passed to secure (https) request-map with uri [searchorders] with an event that calls service [findOrders]; this is not allowed for security reasons! The data should be encrypted by making it part of the request body (a form field) instead of the request URL. Moreover it would be kind if you could create a Jira sub-task of https://issues.apache.org/jira/browse/OFBIZ-2330 (check before if a sub-task for this error does not exist). If you are not sure how to create a Jira issue please have a look before at http://docs.ofbiz.org/x/r. Thank you in advance for your help. -- This message is automatically generated by JIRA. - You can reply to this email to add a comment to the issue online. |
[jira] Commented: (OFBIZ-2490) Show Lookup field - security related error
|
|
In reply to this post by Nicolas Malin (Jira)
[ https://issues.apache.org/jira/browse/OFBIZ-2490?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12711042#action_12711042 ] Jacques Le Roux commented on OFBIZ-2490: ---------------------------------------- In such case always check the footer using flat-grey theme. It shows Release-revision : trunk-776224 > Show Lookup field - security related error > ------------------------------------------ > > Key: OFBIZ-2490 > URL: https://issues.apache.org/jira/browse/OFBIZ-2490 > Project: OFBiz > Issue Type: Sub-task > Components: order > Affects Versions: SVN trunk > Environment: Trunk > Reporter: Aswath Satrasala > Assignee: Jacques Le Roux > Fix For: Release Branch 9.04, SVN trunk > > Attachments: LookupAndHide.patch > > > Go to FindOrders > Click on 'LookupOrders'. > OrderFound screen will be displayed > Click on 'ShowLookupFields' > The Following Errors Occurred: > Error calling event: org.ofbiz.webapp.event.EventHandlerException: Found URL parameter [viewIndex] passed to secure (https) request-map with uri [searchorders] with an event that calls service [findOrders]; this is not allowed for security reasons! The data should be encrypted by making it part of the request body (a form field) instead of the request URL. Moreover it would be kind if you could create a Jira sub-task of https://issues.apache.org/jira/browse/OFBIZ-2330 (check before if a sub-task for this error does not exist). If you are not sure how to create a Jira issue please have a look before at http://docs.ofbiz.org/x/r. Thank you in advance for your help. -- This message is automatically generated by JIRA. - You can reply to this email to add a comment to the issue online. |
[jira] Commented: (OFBIZ-2490) Show Lookup field - security related error
|
|
In reply to this post by Nicolas Malin (Jira)
[ https://issues.apache.org/jira/browse/OFBIZ-2490?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12712692#action_12712692 ] Aswath Satrasala commented on OFBIZ-2490: ----------------------------------------- I tested now and It is working fine on demo server. -Aswath > Show Lookup field - security related error > ------------------------------------------ > > Key: OFBIZ-2490 > URL: https://issues.apache.org/jira/browse/OFBIZ-2490 > Project: OFBiz > Issue Type: Sub-task > Components: order > Affects Versions: SVN trunk > Environment: Trunk > Reporter: Aswath Satrasala > Assignee: Jacques Le Roux > Fix For: Release Branch 9.04, SVN trunk > > Attachments: LookupAndHide.patch > > > Go to FindOrders > Click on 'LookupOrders'. > OrderFound screen will be displayed > Click on 'ShowLookupFields' > The Following Errors Occurred: > Error calling event: org.ofbiz.webapp.event.EventHandlerException: Found URL parameter [viewIndex] passed to secure (https) request-map with uri [searchorders] with an event that calls service [findOrders]; this is not allowed for security reasons! The data should be encrypted by making it part of the request body (a form field) instead of the request URL. Moreover it would be kind if you could create a Jira sub-task of https://issues.apache.org/jira/browse/OFBIZ-2330 (check before if a sub-task for this error does not exist). If you are not sure how to create a Jira issue please have a look before at http://docs.ofbiz.org/x/r. Thank you in advance for your help. -- This message is automatically generated by JIRA. - You can reply to this email to add a comment to the issue online. |
«
Return to OFBiz - Dev
|
1 view|%1 views
| Free forum by Nabble | Edit this page |