我想结束OFBiz中URL的参数,但是我收到了这个错误 来自安全
org.apache.ofbiz.webapp.event.EventHandlerException: Found URL parameter [twCompagneDeRecrutementId]
passed to secure (https) request-map with uri [showCompagne] with an event that calls service [showCompagne];
this is not allowed for security reasons! The data should be encrypted by making it part of the request body (a form field) instead of the request URL.
Moreover it would be kind if you could create a Jira sub-task of https://issues.apache.org/jira/browse/OFBIZ-2330 (check before if a sub-task for this error does not exist). If you are not sure how to create a Jira issue please have a look before at http://cwiki.apache.org/confluence/x/JIB2
这是我的ftl
<#if listCompagne??>
<#list listCompagne as newCompagne>
<div style="display:flex; width:100%;">
<div style="padding:6px; width:24%;"><label>${newCompagne.nom}</label></div>
<div style="padding:6px; width:24%;"><label>${newCompagne.dateDebut ?date}</label></div>
<div style="padding:6px; width:24%;"><label>${newCompagne.dateFin ?date}</label></div>
<input type="hidden" value="${newCompagne.twCompagneDeRecrutementId}"/>
<div style="padding:6px; width:20%;"> <a class="btn btn-outline-danger btn-block " href="<@ofbizUrl>showCompagne?twCompagneDeRecrutementId=${newCompagne.twCompagneDeRecrutementId}</@ofbizUrl>">afficher</a>
</div>
</div>
</#list>
答案 0 :(得分:1)
我不使用ofbiz,但你应该在body中而不是在查询中发送参数。
在您的情况下,我会添加一个表单并使用隐藏表单输入提交表单,使用index每次迭代表单应该是唯一的
<form action="<@ofbizUrl>showCompagne?</@ofbizUrl>" id="afficher${newCompagne?index}" method="post" style="display: none;">
<input type="hidden" name="twCompagneDeRecrutementId" value="${newCompagne.twCompagneDeRecrutementId}" />
</form>
<a class="btn btn-outline-danger btn-block "
href="javascript:;" onclick="javascript:
document.getElementById('afficher${newCompagne?index}').submit()">afficher</a>
答案 1 :(得分:-2)
解决方案是转到url.properties并将parameters.url.encrypt更改为no