verification email
Locked
 
|
Hi,
When user registers for newsletter on ecommerce site, ofbiz sends the verification email. The email has form and submit button. Some email client won't allow the form submit. Hence, I tried changing it to hyperlink but it gives following error. Does anyone have better idea? Request updateContactListPartyNoUserLogin caused an error with the following message: Error calling event: org.ofbiz.webapp.event.EventHandlerException: Found URL parameter [contactListId] passed to secure (https) request-map with uri [updateContactListPartyNoUserLogin] with an event that calls service [updateContactListPartyNoUserLogin]; this is not allowed for security reasons! The data should be encrypted by making it part of the request body (a form field) instead of the request URL. Moreover it would be kind if you could create a Jira sub-task of https://issues.apache.org/jira/browse/OFBIZ-2330 (check before if a sub-task for this error does not exist). If you are not sure how to create a Jira issue please have a look before at http://cwiki.apache.org/confluence/x/JIB2 Thank you in advance for your help. Regards, Kiran Gawde Senior Software Architect Object Edge Inc (925) 943 5558 x108 "There are two kind of people: Those who do the work and those who take the credit. Try to be in the first group because there is less competition there." "Never give up on what you really want to do. The person with big dreams is more powerful than one with all the facts". |
|
|
Additional info:
There is viewprofile link in the email. But I think, it is going to wrong page. i.e: there are two viewprofile.ftl component://ecommerce/webapp/ecommerce/customer/profile/ViewProfile.ftl component://ecommerce/webapp/ecommerce/customer/viewProfile.ftl I believe, view profile link in email is suppose to point to second ftl. If I get the confirmation, I will do the change and submit the patch. Regards, Kiran Gawde Senior Software Architect Object Edge Inc (925) 943 5558 x108 "There are two kind of people: Those who do the work and those who take the credit. Try to be in the first group because there is less competition there." "Never give up on what you really want to do. The person with big dreams is more powerful than one with all the facts". From: [hidden email] To: [hidden email] Date: 11/17/2011 04:18 PM Subject: verification email Hi, When user registers for newsletter on ecommerce site, ofbiz sends the verification email. The email has form and submit button. Some email client won't allow the form submit. Hence, I tried changing it to hyperlink but it gives following error. Does anyone have better idea? Request updateContactListPartyNoUserLogin caused an error with the following message: Error calling event: org.ofbiz.webapp.event.EventHandlerException: Found URL parameter [contactListId] passed to secure (https) request-map with uri [updateContactListPartyNoUserLogin] with an event that calls service [updateContactListPartyNoUserLogin]; this is not allowed for security reasons! The data should be encrypted by making it part of the request body (a form field) instead of the request URL. Moreover it would be kind if you could create a Jira sub-task of https://issues.apache.org/jira/browse/OFBIZ-2330 (check before if a sub-task for this error does not exist). If you are not sure how to create a Jira issue please have a look before at http://cwiki.apache.org/confluence/x/JIB2 Thank you in advance for your help. Regards, Kiran Gawde Senior Software Architect Object Edge Inc (925) 943 5558 x108 "There are two kind of people: Those who do the work and those who take the credit. Try to be in the first group because there is less competition there." "Never give up on what you really want to do. The person with big dreams is more powerful than one with all the facts". |
|
|
Additional info:
Looks like around Sept 09, newcustomer and viewprofile screen were reengineered. Not sure, if during that time it was decided to drop the contact list from view profile page. Also, seems like there is no place to view and edit credit card information. Here are few other screens that were included in original viewprofile.ftl. Seems like we lost lot of functionality during this reengineering!! ${screens.render( "component://ecommerce/widget/CustomerScreens.xml#messagelist-include")} ${screens.render( "component://ecommerce/widget/CustomerScreens.xml#FinAccountList-include" )} <#-- Serialized Inventory Summary --> ${screens.render( 'component://ecommerce/widget/CustomerScreens.xml#SerializedInventorySummary' )} <#-- Subscription Summary --> ${screens.render( 'component://ecommerce/widget/CustomerScreens.xml#SubscriptionSummary')} Also, ManageAddress.ftl refers to ViewProfile.groovy only for partyContactMechValueMaps. Remaining values retrieved from db are not used. May be we should create separate groovy file with just that. Regards, Kiran Gawde Senior Software Architect Object Edge Inc (925) 943 5558 x108 "There are two kind of people: Those who do the work and those who take the credit. Try to be in the first group because there is less competition there." "Never give up on what you really want to do. The person with big dreams is more powerful than one with all the facts". From: [hidden email] To: [hidden email] Date: 11/17/2011 04:44 PM Subject: Re: verification email Additional info: There is viewprofile link in the email. But I think, it is going to wrong page. i.e: there are two viewprofile.ftl component://ecommerce/webapp/ecommerce/customer/profile/ViewProfile.ftl component://ecommerce/webapp/ecommerce/customer/viewProfile.ftl I believe, view profile link in email is suppose to point to second ftl. If I get the confirmation, I will do the change and submit the patch. Regards, Kiran Gawde Senior Software Architect Object Edge Inc (925) 943 5558 x108 "There are two kind of people: Those who do the work and those who take the credit. Try to be in the first group because there is less competition there." "Never give up on what you really want to do. The person with big dreams is more powerful than one with all the facts". From: [hidden email] To: [hidden email] Date: 11/17/2011 04:18 PM Subject: verification email Hi, When user registers for newsletter on ecommerce site, ofbiz sends the verification email. The email has form and submit button. Some email client won't allow the form submit. Hence, I tried changing it to hyperlink but it gives following error. Does anyone have better idea? Request updateContactListPartyNoUserLogin caused an error with the following message: Error calling event: org.ofbiz.webapp.event.EventHandlerException: Found URL parameter [contactListId] passed to secure (https) request-map with uri [updateContactListPartyNoUserLogin] with an event that calls service [updateContactListPartyNoUserLogin]; this is not allowed for security reasons! The data should be encrypted by making it part of the request body (a form field) instead of the request URL. Moreover it would be kind if you could create a Jira sub-task of https://issues.apache.org/jira/browse/OFBIZ-2330 (check before if a sub-task for this error does not exist). If you are not sure how to create a Jira issue please have a look before at http://cwiki.apache.org/confluence/x/JIB2 Thank you in advance for your help. Regards, Kiran Gawde Senior Software Architect Object Edge Inc (925) 943 5558 x108 "There are two kind of people: Those who do the work and those who take the credit. Try to be in the first group because there is less competition there." "Never give up on what you really want to do. The person with big dreams is more powerful than one with all the facts". |
|
|
all submits have been changed to POst and will note accept gets.
Yes my email client converts all HTML to text, so if the link produced is not supported then can not use the link. I change the verification page generates a code with the link goes to a new form what they paste the verification code in. [hidden email] sent the following on 11/17/2011 5:48 PM: > Additional info: > > Looks like around Sept 09, newcustomer and viewprofile screen were > reengineered. Not sure, if during that time it was decided to drop the > contact list from view profile page. Also, seems like there is no place to > view and edit credit card information. Here are few other screens that > were included in original viewprofile.ftl. Seems like we lost lot of > functionality during this reengineering!! > > ${screens.render( > "component://ecommerce/widget/CustomerScreens.xml#messagelist-include")} > > ${screens.render( > "component://ecommerce/widget/CustomerScreens.xml#FinAccountList-include" > )} > > <#-- Serialized Inventory Summary --> > ${screens.render( > 'component://ecommerce/widget/CustomerScreens.xml#SerializedInventorySummary' > )} > > <#-- Subscription Summary --> > ${screens.render( > 'component://ecommerce/widget/CustomerScreens.xml#SubscriptionSummary')} > > Also, ManageAddress.ftl refers to ViewProfile.groovy only for > partyContactMechValueMaps. Remaining values retrieved from db are not > used. May be we should create separate groovy file with just that. > > Regards, > Kiran Gawde > > Senior Software Architect > Object Edge Inc > (925) 943 5558 x108 > > "There are two kind of people: Those who do the work and those who take > the credit. Try to be in the first group because there is less competition > there." > "Never give up on what you really want to do. The person with big dreams > is more powerful than one with all the facts". > > > > > From: [hidden email] > To: [hidden email] > Date: 11/17/2011 04:44 PM > Subject: Re: verification email > > > > Additional info: > > There is viewprofile link in the email. But I think, it is going to wrong > page. > > i.e: there are two viewprofile.ftl > component://ecommerce/webapp/ecommerce/customer/profile/ViewProfile.ftl > component://ecommerce/webapp/ecommerce/customer/viewProfile.ftl > > I believe, view profile link in email is suppose to point to second ftl. > If I get the confirmation, I will do the change and submit the patch. > > Regards, > Kiran Gawde > > Senior Software Architect > Object Edge Inc > (925) 943 5558 x108 > > "There are two kind of people: Those who do the work and those who take > the credit. Try to be in the first group because there is less competition > > there." > "Never give up on what you really want to do. The person with big dreams > is more powerful than one with all the facts". > > > > > From: [hidden email] > To: [hidden email] > Date: 11/17/2011 04:18 PM > Subject: verification email > > > > Hi, > > When user registers for newsletter on ecommerce site, ofbiz sends the > verification email. The email has form and submit button. Some email > client won't allow the form submit. > > Hence, I tried changing it to hyperlink but it gives following error. Does > > > anyone have better idea? > > Request updateContactListPartyNoUserLogin caused an error with the > following message: Error calling event: > org.ofbiz.webapp.event.EventHandlerException: Found URL parameter > [contactListId] passed to secure (https) request-map with uri > [updateContactListPartyNoUserLogin] with an event that calls service > [updateContactListPartyNoUserLogin]; this is not allowed for security > reasons! The data should be encrypted by making it part of the request > body (a form field) instead of the request URL. Moreover it would be kind > if you could create a Jira sub-task of > https://issues.apache.org/jira/browse/OFBIZ-2330 (check before if a > sub-task for this error does not exist). If you are not sure how to create > > > a Jira issue please have a look before at > http://cwiki.apache.org/confluence/x/JIB2 Thank you in advance for your > help. > > Regards, > Kiran Gawde > > Senior Software Architect > Object Edge Inc > (925) 943 5558 x108 > > "There are two kind of people: Those who do the work and those who take > the credit. Try to be in the first group because there is less competition > > > there." > "Never give up on what you really want to do. The person with big dreams > is more powerful than one with all the facts". > > > |
«
Return to OFBiz - Dev
|
1 view|%1 views
| Free forum by Nabble | Edit this page |