[jira] Created: (OFBIZ-3982) Exception in CRUD operations using minilang

Thu, 07 Oct 2010 07:51:53 -0700 

Exception in CRUD operations using minilang
-------------------------------------------

                 Key: OFBIZ-3982
                 URL: https://issues.apache.org/jira/browse/OFBIZ-3982
             Project: OFBiz
          Issue Type: Bug
          Components: ALL COMPONENTS
    Affects Versions: Release 09.04
         Environment: LINUX
            Reporter: Shereen Ashraf


I'm trying to use the minilang to delete a record in an entity. I faced the 
following exception

Error calling event: org.ofbiz.webapp.event.EventHandlerException: Found URL 
parameter [reviewId] passed to secure (https) request-map with uri 
[RemovePlanetReview] with an event that calls service 
[learningRemovePlanetReview]; this is not allowed for security reasons! The 
data should be encrypted by making it part of the request body (a form field) 
instead of the request URL. Moreover it would be kind if you could create a 
Jira sub-task of https://issues.apache.org/jira/browse/OFBIZ-2330 (check before 
if a sub-task for this error does not exist). If you are not sure how to create 
a Jira issue please have a look before at http://docs.ofbiz.org/x/r.

Does anyone know what's this? I've done this experiment in  release10.04

this is how I wrote the delete button in the form

<field name="delete">
<hyperlink target="RemovePlanetReview?reviewId=${reviewId}" 
description="Delete"/></field>

this is the service
 <simple-method method-name="removePlantetReview" short-description="Delete a 
Planet Review">
     <entity-one entity-name="PlanetReview" value-name="lookedUpValue"/>
     <remove-value value-name="lookedUpValue"/>
</simple-method>

this is the request

<request-map uri="RemovePlanetReview">
  <security auth="true" https="true"/>
   <event type="service" invoke="learningRemovePlanetReview"/>
  <response name="success" type="view" value="ListPlanetReviews"/>
  <response name="error" type="view" value="ListPlanetReviews"/>
</request-map>

would anyone please tell what's going on?
Am I going to face the same trouble in 10.04 ?
Thanks in advance to anyone who can help 

-- 
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.

Reply via email to