[ https://issues.apache.org/jira/browse/OFBIZ-11593?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17094357#comment-17094357 ]
Jacques Le Roux commented on OFBIZ-11593: ----------------------------------------- Thanks Rohit, I'll have a look... > "entity/list" request is not handled well > ----------------------------------------- > > Key: OFBIZ-11593 > URL: https://issues.apache.org/jira/browse/OFBIZ-11593 > Project: OFBiz > Issue Type: Bug > Components: framework/webtools > Affects Versions: Trunk > Reporter: Jacques Le Roux > Assignee: Jacques Le Roux > Priority: Major > Fix For: Upcoming Branch > > Attachments: image-2020-04-28-14-22-36-940.png > > > The "entity/list" request has been put in with OFBIZ-11007. It's used to call > the entitymaint view and so is a demo/didactic duplicate of entitymaint > request. It's only used in FindGeneric screen (look for the > WebtoolsBackToEntityList label). It's problematic because since the CSRF > token defense was put in you can no longer filter the entities from the > entities list screen, even when the default NoCsrfDefenseStrategy is used. It > works if you use the entitymaint request instead. > Anyway, 2020-01-19 I proposed in OFBIZ-11306 a solution for such cases. It > was not used because 2020-02-14 I thought it was no longer needed, but it's > necessary for this case, and maybe others not already detected: > {code:java} > if (pathInfo.get(0).indexOf('?') > -1) { > return pathInfo.get(0).substring(0, > pathInfo.get(0).indexOf('?')); > } else { > - return pathInfo.get(0); > + if (1 < StringUtils.countMatches(path, "/")) { > + return pathInfo.get(0) + "/" + pathInfo.get(1); > + } else { > + return pathInfo.get(0); > + } > {code} -- This message was sent by Atlassian Jira (v8.3.4#803005)