[
https://issues.apache.org/jira/browse/OFBIZ-7291?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Pranay Pandey resolved OFBIZ-7291.
----------------------------------
Resolution: Fixed
Fix Version/s: 13.07.04
15.12.01
14.12.01
Thanks Mohammed Rehan Khan for the contribution.
Patch committed to
Trunk at revisions 1748156, 1748164
R15.12 at r1748161,
R14.12 at r1748156 and
R13.07 at r1748163.
> Remove Shopping List Item link is not working - Security Error
> --------------------------------------------------------------
>
> Key: OFBIZ-7291
> URL:
https://issues.apache.org/jira/browse/OFBIZ-7291> Project: OFBiz
> Issue Type: Sub-task
> Components: specialpurpose/ecommerce
> Affects Versions: Release Branch 13.07, Release Branch 14.12, Trunk, Release Branch 15.12
> Reporter: Mohammed Rehan Khan
> Assignee: Pranay Pandey
> Fix For: 14.12.01, 15.12.01, 13.07.04
>
> Attachments: OFBIZ-7291-Release-13.07.patch, OFBIZ-7291-Release-14.12.patch, OFBIZ-7291-Release-15.12.patch, OFBIZ-7291.patch
>
>
> Steps to reproduce:
> 1) Go to eCommerce
> 2) Add any item in shopping list
> 3) Click on shopping list tab
> 4) Click on Remove button of list items section
> Getting following security error:
> Error calling event: org.ofbiz.webapp.event.EventHandlerException: Found URL parameter [shoppingListId] passed to secure (https) request-map with uri [removeFromShoppingList] with an event that calls service [removeShoppingListItem]; this is not allowed for security reasons! The data should be encrypted by making it part of the request body (a form field) instead of the request URL.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
Locked
