Hi David, many screens in the party manager have a 'back' button which uses this request. One can discuss if this button is required...however if used, i do not see anything wrong with this generic request.
i another mail i ask you to give reasons for this statement. Regards, Hans On Tue, 2009-04-28 at 05:53 -0600, David E Jones wrote: > On Apr 28, 2009, at 12:53 AM, Jacques Le Roux wrote: > > > Also as David pointed out, they should be used only with requests > > using https since now they are always secured. > > Actually no, I didn't say that, I said: "Along with that, they should > require https or not depending on the other requests they are working > with." You can see that quote below. In general if you re-read what I > wrote I was recommending against having such generic requests and > using some specific to the set of screens being created. > > -David > > > > So they are ok for backend (is there any exceptions in backend where > > we dont secure URIs ?) but not for eCommerce for instance. We could > > have also the pair not secured for these cases, like backHomeS and > > backLastS for these one and backHome and backLast for the non > > secured pair. Then al this could be set in common-controller. Though > > beware, some links are secured in eCommerce too, like checking out > > for instance... > > > > My 2 cts > > > > Jacques > > > > From: "Hans Bakker" <mailingl...@antwebsystems.com> > >> I was wrong that it was not used, (forgot about it, wrote it myself) > >> > >> it is currently used in the create contact mechanisms in the party > >> profile and in the mean time i have put it back with security as > >> jacques > >> pointed out. > >> > >> regards, > >> Hans > >> > >> On Mon, 2009-04-27 at 19:55 +0200, Malin Nicolas wrote: > >>> Hans Bakker a écrit : > >>> > but do not waste too much time on this, they are not used > >>> anywhere..... > >>> > > >>> I thinks the view-last and view-home is good to manage user screen > >>> process. On many case, we have some user who do a search and operate > >>> some data modification. After operate their modification, they whant > >>> return to the last search result. > >>> > >>> Example, you list customer that missing last name, and for each put > >>> missed field. Actualy you need, do the search, select customer, > >>> save tel > >>> number, return to search, do the search. > >>> With view-last we can do : > >>> make the search, select customer, save tel number, select > >>> customer, save > >>> tel number, ... > >>> > >>> I try to implement this with view-last but if we call with request > >>> we > >>> have some previous parameters that break the last search, and if > >>> we call > >>> with reques-redirect, we lost security. > >>> > >>> If you add security on new uri backLast when can do that. > >>> > >>> Nicolas > >>> > >>> > On Sat, 2009-04-25 at 19:10 -0600, David E Jones wrote: > >>> > > >>> >> Where do these come from? > >>> >> > >>> >> The "view-home" and "view-last" response types should NEVER be > >>> used > >>> >> generically like this and instead should be specific for the > >>> >> particular request flow they are part of. Along with that, they > >>> should > >>> >> require https or not depending on the other requests they are > >>> working > >>> >> with. > >>> >> > >>> >> -David > >>> >> > >>> >> > >>> >> On Apr 25, 2009, at 12:32 PM, Jacques Le Roux wrote: > >>> >> > >>> >> > >>> >>> Is it normal that the backHome and backLast are not securised ? > >>> >>> > >>> >>> <request-map uri="backHome"> > >>> >>> <response name="success" type="view-home"/> > >>> >>> </request-map> > >>> >>> <request-map uri="backLast"> > >>> >>> <response name="success" type="view-last"/> > >>> >>> </request-map> > >>> >>> > >>> >>> Jacques > >>> >>> > >>> >>> > >>> > >>> > >> -- > >> Antwebsystems.com: Quality OFBiz services for competitive rates > > > > > -- Antwebsystems.com: Quality OFBiz services for competitive rates
