[jira] Created: (OFBIZ-2929) Trying to do a quick check out in Ecommerce application and facing error when clicking Submit Order after filling the credit card details.
Locked
[jira] Created: (OFBIZ-2929) Trying to do a quick check out in Ecommerce application and facing error when clicking Submit Order after filling the credit card details.
 
|
Trying to do a quick check out in Ecommerce application and facing error when clicking Submit Order after filling the credit card details.
------------------------------------------------------------------------------------------------------------------------------------------ Key: OFBIZ-2929 URL: https://issues.apache.org/jira/browse/OFBIZ-2929 Project: OFBiz Issue Type: Sub-task Components: specialpurpose/ecommerce Affects Versions: Release Branch 9.04, SVN trunk Reporter: Jacques Le Roux Error calling event: org.ofbiz.webapp.event.EventHandlerException: Found URL parameter [cardType] passed to secure (https) request-map with uri [quickAnonEnterCreditCard] with an event that calls service [createCreditCard]; this is not allowed for security reasons! The data should be encrypted by making it part of the request body (a form field) instead of the request URL. Moreover it would be kind if you could create a Jira sub-task of https://issues.apache.org/jira/browse/OFBIZ-2330 (check before if a sub-task for this error does not exist). If you are not sure how to create a Jira issue please have a look before at http://docs.ofbiz.org/x/r. Thank you in advance for your help. Steps to reproduce: 1.Go to Ecommerce Home Page 2. Select Some items and add to Cart 3. Click Quick Checkout 4. Page goes to Login Page and there also select Quick Chekout 5. Fill User details for quick check out 6. Goes to next page and there select payment type as Credit Card and fill credit card details 7. Select some shipping method type in the same page at right hand menu 8. Click Submit Order button in the same page at the end 9. then getting the mentioned error. Reported by Hemanth Kumar Kanamarlapudi on user ML -- This message is automatically generated by JIRA. - You can reply to this email to add a comment to the issue online. |
[jira] Commented: (OFBIZ-2929) Trying to do a quick check out in Ecommerce application and facing error when clicking Submit Order after filling the credit card details.
|
|
[ https://issues.apache.org/jira/browse/OFBIZ-2929?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12757986#action_12757986 ] Jacques Le Roux commented on OFBIZ-2929: ---------------------------------------- This is a problem with anonymous checkout only > Trying to do a quick check out in Ecommerce application and facing error when clicking Submit Order after filling the credit card details. > ------------------------------------------------------------------------------------------------------------------------------------------ > > Key: OFBIZ-2929 > URL: https://issues.apache.org/jira/browse/OFBIZ-2929 > Project: OFBiz > Issue Type: Sub-task > Components: specialpurpose/ecommerce > Affects Versions: Release Branch 9.04, SVN trunk > Reporter: Jacques Le Roux > > Error calling event: org.ofbiz.webapp.event.EventHandlerException: Found URL parameter [cardType] passed to secure (https) request-map with uri [quickAnonEnterCreditCard] with an event that calls service [createCreditCard]; this is not allowed for security reasons! The data should be encrypted by making it part of the request body (a form field) instead of the request URL. Moreover it would be kind if you could create a Jira sub-task of https://issues.apache.org/jira/browse/OFBIZ-2330 (check before if a sub-task for this error does not exist). If you are not sure how to create a Jira issue please have a look before at http://docs.ofbiz.org/x/r. Thank you in advance for your help. > Steps to reproduce: > 1.Go to Ecommerce Home Page > 2. Select Some items and add to Cart > 3. Click Quick Checkout > 4. Page goes to Login Page and there also select Quick Chekout > 5. Fill User details for quick check out > 6. Goes to next page and there select payment type as Credit Card and fill credit card details > 7. Select some shipping method type in the same page at right hand menu > 8. Click Submit Order button in the same page at the end > 9. then getting the mentioned error. > Reported by Hemanth Kumar Kanamarlapudi on user ML -- This message is automatically generated by JIRA. - You can reply to this email to add a comment to the issue online. |
[jira] Commented: (OFBIZ-2929) Trying to do a quick check out in Ecommerce application and facing error when clicking Submit Order after filling the credit card details.
|
|
In reply to this post by Nicolas Malin (Jira)
[ https://issues.apache.org/jira/browse/OFBIZ-2929?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12758004#action_12758004 ] Jacques Le Roux commented on OFBIZ-2929: ---------------------------------------- Actually I did not reproduce with trunk at r817344 nor with R9.04 at r817156 I wait confirmation by Simon Hutchinson before closing. > Trying to do a quick check out in Ecommerce application and facing error when clicking Submit Order after filling the credit card details. > ------------------------------------------------------------------------------------------------------------------------------------------ > > Key: OFBIZ-2929 > URL: https://issues.apache.org/jira/browse/OFBIZ-2929 > Project: OFBiz > Issue Type: Sub-task > Components: specialpurpose/ecommerce > Affects Versions: Release Branch 9.04, SVN trunk > Reporter: Jacques Le Roux > > Error calling event: org.ofbiz.webapp.event.EventHandlerException: Found URL parameter [cardType] passed to secure (https) request-map with uri [quickAnonEnterCreditCard] with an event that calls service [createCreditCard]; this is not allowed for security reasons! The data should be encrypted by making it part of the request body (a form field) instead of the request URL. Moreover it would be kind if you could create a Jira sub-task of https://issues.apache.org/jira/browse/OFBIZ-2330 (check before if a sub-task for this error does not exist). If you are not sure how to create a Jira issue please have a look before at http://docs.ofbiz.org/x/r. Thank you in advance for your help. > Steps to reproduce: > 1.Go to Ecommerce Home Page > 2. Select Some items and add to Cart > 3. Click Quick Checkout > 4. Page goes to Login Page and there also select Quick Chekout > 5. Fill User details for quick check out > 6. Goes to next page and there select payment type as Credit Card and fill credit card details > 7. Select some shipping method type in the same page at right hand menu > 8. Click Submit Order button in the same page at the end > 9. then getting the mentioned error. > Reported by Hemanth Kumar Kanamarlapudi on user ML -- This message is automatically generated by JIRA. - You can reply to this email to add a comment to the issue online. |
[jira] Commented: (OFBIZ-2929) Trying to do a quick check out in Ecommerce application and facing error when clicking Submit Order after filling the credit card details.
|
|
In reply to this post by Nicolas Malin (Jira)
[ https://issues.apache.org/jira/browse/OFBIZ-2929?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12758229#action_12758229 ] Simon Hutchinson commented on OFBIZ-2929: ----------------------------------------- I can still reproduce with trunk at r817603 Firebug NET panel shows that a GET is being made upon "Submit Order" to quickAnonEnterCreditCard - hence the security violation. A very quick look at quickAnonPaymentInformation.ftl shows a good starting point. <form id="setPaymentInformation" type="POST" action="<@ofbizUrl>quickAnonAddGiftCardToCart</@ofbizUrl>" name="setPaymentInformation"> type="POST" Changed to method="POST" Submits the form without error, however the checkout still doesn't complete ..... will continue investigating time allowing > Trying to do a quick check out in Ecommerce application and facing error when clicking Submit Order after filling the credit card details. > ------------------------------------------------------------------------------------------------------------------------------------------ > > Key: OFBIZ-2929 > URL: https://issues.apache.org/jira/browse/OFBIZ-2929 > Project: OFBiz > Issue Type: Sub-task > Components: specialpurpose/ecommerce > Affects Versions: Release Branch 9.04, SVN trunk > Reporter: Jacques Le Roux > > Error calling event: org.ofbiz.webapp.event.EventHandlerException: Found URL parameter [cardType] passed to secure (https) request-map with uri [quickAnonEnterCreditCard] with an event that calls service [createCreditCard]; this is not allowed for security reasons! The data should be encrypted by making it part of the request body (a form field) instead of the request URL. Moreover it would be kind if you could create a Jira sub-task of https://issues.apache.org/jira/browse/OFBIZ-2330 (check before if a sub-task for this error does not exist). If you are not sure how to create a Jira issue please have a look before at http://docs.ofbiz.org/x/r. Thank you in advance for your help. > Steps to reproduce: > 1.Go to Ecommerce Home Page > 2. Select Some items and add to Cart > 3. Click Quick Checkout > 4. Page goes to Login Page and there also select Quick Chekout > 5. Fill User details for quick check out > 6. Goes to next page and there select payment type as Credit Card and fill credit card details > 7. Select some shipping method type in the same page at right hand menu > 8. Click Submit Order button in the same page at the end > 9. then getting the mentioned error. > Reported by Hemanth Kumar Kanamarlapudi on user ML -- This message is automatically generated by JIRA. - You can reply to this email to add a comment to the issue online. |
[jira] Updated: (OFBIZ-2929) Trying to do a quick check out in Ecommerce application and facing error when clicking Submit Order after filling the credit card details.
|
|
In reply to this post by Nicolas Malin (Jira)
[ https://issues.apache.org/jira/browse/OFBIZ-2929?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Simon Hutchinson updated OFBIZ-2929: ------------------------------------ Attachment: paymentInfoPatch.diff Path to change form attribute from type to method > Trying to do a quick check out in Ecommerce application and facing error when clicking Submit Order after filling the credit card details. > ------------------------------------------------------------------------------------------------------------------------------------------ > > Key: OFBIZ-2929 > URL: https://issues.apache.org/jira/browse/OFBIZ-2929 > Project: OFBiz > Issue Type: Sub-task > Components: specialpurpose/ecommerce > Affects Versions: Release Branch 9.04, SVN trunk > Reporter: Jacques Le Roux > Attachments: paymentInfoPatch.diff > > > Error calling event: org.ofbiz.webapp.event.EventHandlerException: Found URL parameter [cardType] passed to secure (https) request-map with uri [quickAnonEnterCreditCard] with an event that calls service [createCreditCard]; this is not allowed for security reasons! The data should be encrypted by making it part of the request body (a form field) instead of the request URL. Moreover it would be kind if you could create a Jira sub-task of https://issues.apache.org/jira/browse/OFBIZ-2330 (check before if a sub-task for this error does not exist). If you are not sure how to create a Jira issue please have a look before at http://docs.ofbiz.org/x/r. Thank you in advance for your help. > Steps to reproduce: > 1.Go to Ecommerce Home Page > 2. Select Some items and add to Cart > 3. Click Quick Checkout > 4. Page goes to Login Page and there also select Quick Chekout > 5. Fill User details for quick check out > 6. Goes to next page and there select payment type as Credit Card and fill credit card details > 7. Select some shipping method type in the same page at right hand menu > 8. Click Submit Order button in the same page at the end > 9. then getting the mentioned error. > Reported by Hemanth Kumar Kanamarlapudi on user ML -- This message is automatically generated by JIRA. - You can reply to this email to add a comment to the issue online. |
[jira] Issue Comment Edited: (OFBIZ-2929) Trying to do a quick check out in Ecommerce application and facing error when clicking Submit Order after filling the credit card details.
|
|
In reply to this post by Nicolas Malin (Jira)
[ https://issues.apache.org/jira/browse/OFBIZ-2929?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12758230#action_12758230 ] Simon Hutchinson edited comment on OFBIZ-2929 at 9/22/09 5:41 AM: ------------------------------------------------------------------ Patch to change form attribute from type to method was (Author: [hidden email]): Path to change form attribute from type to method > Trying to do a quick check out in Ecommerce application and facing error when clicking Submit Order after filling the credit card details. > ------------------------------------------------------------------------------------------------------------------------------------------ > > Key: OFBIZ-2929 > URL: https://issues.apache.org/jira/browse/OFBIZ-2929 > Project: OFBiz > Issue Type: Sub-task > Components: specialpurpose/ecommerce > Affects Versions: Release Branch 9.04, SVN trunk > Reporter: Jacques Le Roux > Attachments: paymentInfoPatch.diff > > > Error calling event: org.ofbiz.webapp.event.EventHandlerException: Found URL parameter [cardType] passed to secure (https) request-map with uri [quickAnonEnterCreditCard] with an event that calls service [createCreditCard]; this is not allowed for security reasons! The data should be encrypted by making it part of the request body (a form field) instead of the request URL. Moreover it would be kind if you could create a Jira sub-task of https://issues.apache.org/jira/browse/OFBIZ-2330 (check before if a sub-task for this error does not exist). If you are not sure how to create a Jira issue please have a look before at http://docs.ofbiz.org/x/r. Thank you in advance for your help. > Steps to reproduce: > 1.Go to Ecommerce Home Page > 2. Select Some items and add to Cart > 3. Click Quick Checkout > 4. Page goes to Login Page and there also select Quick Chekout > 5. Fill User details for quick check out > 6. Goes to next page and there select payment type as Credit Card and fill credit card details > 7. Select some shipping method type in the same page at right hand menu > 8. Click Submit Order button in the same page at the end > 9. then getting the mentioned error. > Reported by Hemanth Kumar Kanamarlapudi on user ML -- This message is automatically generated by JIRA. - You can reply to this email to add a comment to the issue online. |
[jira] Commented: (OFBIZ-2929) Trying to do a quick check out in Ecommerce application and facing error when clicking Submit Order after filling the credit card details.
|
|
In reply to this post by Nicolas Malin (Jira)
[ https://issues.apache.org/jira/browse/OFBIZ-2929?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12758232#action_12758232 ] Scott Gray commented on OFBIZ-2929: ----------------------------------- A real minor comment but "POST" should be "post" for xhtml. > Trying to do a quick check out in Ecommerce application and facing error when clicking Submit Order after filling the credit card details. > ------------------------------------------------------------------------------------------------------------------------------------------ > > Key: OFBIZ-2929 > URL: https://issues.apache.org/jira/browse/OFBIZ-2929 > Project: OFBiz > Issue Type: Sub-task > Components: specialpurpose/ecommerce > Affects Versions: Release Branch 9.04, SVN trunk > Reporter: Jacques Le Roux > Attachments: paymentInfoPatch.diff > > > Error calling event: org.ofbiz.webapp.event.EventHandlerException: Found URL parameter [cardType] passed to secure (https) request-map with uri [quickAnonEnterCreditCard] with an event that calls service [createCreditCard]; this is not allowed for security reasons! The data should be encrypted by making it part of the request body (a form field) instead of the request URL. Moreover it would be kind if you could create a Jira sub-task of https://issues.apache.org/jira/browse/OFBIZ-2330 (check before if a sub-task for this error does not exist). If you are not sure how to create a Jira issue please have a look before at http://docs.ofbiz.org/x/r. Thank you in advance for your help. > Steps to reproduce: > 1.Go to Ecommerce Home Page > 2. Select Some items and add to Cart > 3. Click Quick Checkout > 4. Page goes to Login Page and there also select Quick Chekout > 5. Fill User details for quick check out > 6. Goes to next page and there select payment type as Credit Card and fill credit card details > 7. Select some shipping method type in the same page at right hand menu > 8. Click Submit Order button in the same page at the end > 9. then getting the mentioned error. > Reported by Hemanth Kumar Kanamarlapudi on user ML -- This message is automatically generated by JIRA. - You can reply to this email to add a comment to the issue online. |
[jira] Closed: (OFBIZ-2929) Trying to do a quick check out in Ecommerce application and facing error when clicking Submit Order after filling the credit card details.
|
|
In reply to this post by Nicolas Malin (Jira)
[ https://issues.apache.org/jira/browse/OFBIZ-2929?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Jacques Le Roux closed OFBIZ-2929. ---------------------------------- Resolution: Fixed Fix Version/s: SVN trunk Release Branch 9.04 Assignee: Jacques Le Roux Thanks Simon and Scott, Actually it fixed the issue for me. I commited in trunk at r818494, and R9.04 at r818507 > Trying to do a quick check out in Ecommerce application and facing error when clicking Submit Order after filling the credit card details. > ------------------------------------------------------------------------------------------------------------------------------------------ > > Key: OFBIZ-2929 > URL: https://issues.apache.org/jira/browse/OFBIZ-2929 > Project: OFBiz > Issue Type: Sub-task > Components: specialpurpose/ecommerce > Affects Versions: Release Branch 9.04, SVN trunk > Reporter: Jacques Le Roux > Assignee: Jacques Le Roux > Fix For: Release Branch 9.04, SVN trunk > > Attachments: paymentInfoPatch.diff > > > Error calling event: org.ofbiz.webapp.event.EventHandlerException: Found URL parameter [cardType] passed to secure (https) request-map with uri [quickAnonEnterCreditCard] with an event that calls service [createCreditCard]; this is not allowed for security reasons! The data should be encrypted by making it part of the request body (a form field) instead of the request URL. Moreover it would be kind if you could create a Jira sub-task of https://issues.apache.org/jira/browse/OFBIZ-2330 (check before if a sub-task for this error does not exist). If you are not sure how to create a Jira issue please have a look before at http://docs.ofbiz.org/x/r. Thank you in advance for your help. > Steps to reproduce: > 1.Go to Ecommerce Home Page > 2. Select Some items and add to Cart > 3. Click Quick Checkout > 4. Page goes to Login Page and there also select Quick Chekout > 5. Fill User details for quick check out > 6. Goes to next page and there select payment type as Credit Card and fill credit card details > 7. Select some shipping method type in the same page at right hand menu > 8. Click Submit Order button in the same page at the end > 9. then getting the mentioned error. > Reported by Hemanth Kumar Kanamarlapudi on user ML -- This message is automatically generated by JIRA. - You can reply to this email to add a comment to the issue online. |
«
Return to OFBiz - Dev
|
1 view|%1 views
| Free forum by Nabble | Edit this page |