felix-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Felix Meschberger (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (FELIX-4301) Updated configuration is transmitted as query string to the request URL instead of POST payload
Date Mon, 04 Nov 2013 14:58:17 GMT

    [ https://issues.apache.org/jira/browse/FELIX-4301?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13812880#comment-13812880
] 

Felix Meschberger commented on FELIX-4301:
------------------------------------------

The problem seems to be in the save button function:

$.post(pluginRoot + '/' + $(this).attr('__pid') + '?' + $(this).find('form').serialize(),
function() {
			// reload on success - prevents AJAX errors - see FELIX-3116
			document.location.href = pluginRoot; 
		});

Here the form is serialized and appended to the request URL. This is wrong. The serialized
form must be transmitted as part of the request body.

> Updated configuration is transmitted as query string to the request URL instead of POST
payload
> -----------------------------------------------------------------------------------------------
>
>                 Key: FELIX-4301
>                 URL: https://issues.apache.org/jira/browse/FELIX-4301
>             Project: Felix
>          Issue Type: Bug
>          Components: Web Console
>    Affects Versions: webconsole-4.2.0
>            Reporter: Felix Meschberger
>            Assignee: Felix Meschberger
>
> When updating configuration in the Configuration Manager screens, the updated configuration
is supplied as query string to the request URL, albeit in a POST request.
> This is bad on multiple accounts: data is transmitted as URLs and thus may be logged
and there is a natural limit in the size of request URLs.
> We must make sure such configuration updates are actually transmitted as payload to the
POST requests.



--
This message was sent by Atlassian JIRA
(v6.1#6144)

Mime
View raw message