Re: Reorganisation of newsletter OptInVerifyCodes

2011-01-22 Thread Jacques Le Roux
Hi Sascha, Looks good to me Jacques From: "Sascha Rodekamp" Jep you're right, but what he is talking about is the double Opt In for Newsletter sign ups (You have to do this in Germany). It means, when you have signed up for a newsletter you got a mail with a verification link. Ofbiz generates

Re: Reorganisation of newsletter OptInVerifyCodes

2011-01-22 Thread Sascha Rodekamp
Jep you're right, but what he is talking about is the double Opt In for Newsletter sign ups (You have to do this in Germany). It means, when you have signed up for a newsletter you got a mail with a verification link. Ofbiz generates this email but with a bunch of Get parameters which is really a se

Re: Reorganisation of newsletter OptInVerifyCodes

2011-01-21 Thread Jacques Le Roux
Quick answer: are you using a get method with your action (I see these parameters in the URL)? Because this is bad for XSS. We use hidden fields with post. But maybe I completely missed the point ;o) Jacques From: "Sascha Rodekamp" The main issue we focused here, was the fromDate parameter in

Re: Reorganisation of newsletter OptInVerifyCodes

2011-01-13 Thread Sascha Rodekamp
The main issue we focused here, was the fromDate parameter in the URL. fromDate=2011-01-13 10:46:32.952 It's really bad to have a space in the URL, isn't it? 2011/1/13 Mirko Vogelsmeier > Hi there, > > I've been working on some basic newsletter-signup stuff with OptInCodes. > When accepting an OptI

Reorganisation of newsletter OptInVerifyCodes

2011-01-13 Thread Mirko Vogelsmeier
Hi there, I've been working on some basic newsletter-signup stuff with OptInCodes. When accepting an OptInCode the user has to pass through 4 different variables (OptInCode + 3 primary keys). Other than this doesn't look nice at all for any given user, it reveals some of our primary keys which has