You are viewing a plain text version of this content. The canonical link for it is here.
Posted to notifications@ofbiz.apache.org by "Jacques Le Roux (Jira)" <ji...@apache.org> on 2020/04/12 11:15:00 UTC
[jira] [Created] (OFBIZ-11593) "entity/list" request is a not
handled well
Jacques Le Roux created OFBIZ-11593:
---------------------------------------
Summary: "entity/list" request is a not handled well
Key: OFBIZ-11593
URL: https://issues.apache.org/jira/browse/OFBIZ-11593
Project: OFBiz
Issue Type: Bug
Components: framework/webtools
Affects Versions: Trunk
Reporter: Jacques Le Roux
Assignee: Jacques Le Roux
The "entity/list" request has been put in with OFBIZ-11007. It's used to call the entitymaint view and so is a demo/didactic duplicate of entitymaint request. It's only used in FindGeneric screen (look for the WebtoolsBackToEntityList label). It's problematic because since the CSRF token defense was put in you can no longer filter the entities from the entities list screen, even when the default NoCsrfDefenseStrategy is used. It works if you use the entitymaint request instead.
Anyway, 2020-01-19 I proposed in OFBIZ-11306 a solution for such cases. It was not used because 2020-02-14 I thought it was no longer needed, but it's necessary for this case, and maybe others not already detected:
{code:java}
if (pathInfo.get(0).indexOf('?') > -1) {
return pathInfo.get(0).substring(0, pathInfo.get(0).indexOf('?'));
} else {
- return pathInfo.get(0);
+ if (1 < StringUtils.countMatches(path, "/")) {
+ return pathInfo.get(0) + "/" + pathInfo.get(1);
+ } else {
+ return pathInfo.get(0);
+ }
{code}
--
This message was sent by Atlassian Jira
(v8.3.4#803005)