[ https://issues.apache.org/jira/browse/OFBIZ-12363?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17442790#comment-17442790 ]
ASF subversion and git services commented on OFBIZ-12363: --------------------------------------------------------- Commit d6af7a19077e192bff94ac844650f9e54a1006e5 in ofbiz-framework's branch refs/heads/release18.12 from Wiebke Pätzold [ https://gitbox.apache.org/repos/asf?p=ofbiz-framework.git;h=d6af7a1 ] Fixed: Error while executing generateBlogRssFeed (OFBIZ-12363) removes ServiceEventHandler.checkSecureParameter related to OFBIZ-11260 Thanks: Jacques Le Roux for report > Error while executing generateBlogRssFeed > ----------------------------------------- > > Key: OFBIZ-12363 > URL: https://issues.apache.org/jira/browse/OFBIZ-12363 > Project: OFBiz > Issue Type: Bug > Affects Versions: 18.12.01 > Reporter: Wiebke Pätzold > Assignee: Wiebke Pätzold > Priority: Major > > As [~jleroux] mentioned on the dev-Mailinglist there is an error while > executing the generateBlogRssFeed. > To reproduce go to: > https://demo-trunk.ofbiz.apache.org/ecomseo/ViewBlogRss?entryLinkReq=ViewBlogArticle&mainLinkReq=MainBlog&blogContentId=BLOGROOTBIGAL > on the Release18.12 Branch > > Logged Error: > Found URL parameter [blogContentId] passed to secure (https) request-map with > uri [ViewBlogRss] with an event that calls service [generateBl > ogRssFeed]; this is not allowed for security reasons! The data should be > encrypted by making it part of the request body (a form field) instead of the > request URL. -- This message was sent by Atlassian Jira (v8.20.1#820001)