You are viewing a plain text version of this content. The canonical link for it is here.

Posted to notifications@ofbiz.apache.org by "ASF subversion and git services (Jira)" <ji...@apache.org> on 2021/01/21 12:50:00 UTC

[jira] [Commented] (OFBIZ-12147) Allow Unsafe Event Message

    [ https://issues.apache.org/jira/browse/OFBIZ-12147?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17269276#comment-17269276 ] 

ASF subversion and git services commented on OFBIZ-12147:
---------------------------------------------------------

Commit 1bfd3c5fb0c33959c19dd0a14549728808da2e4a in ofbiz-framework's branch refs/heads/trunk from James Yong
[ https://gitbox.apache.org/repos/asf?p=ofbiz-framework.git;h=1bfd3c5 ]

Improved: Allow Unsafe Event Message (OFBIZ-12147)

Allow application to define event messages that contain javascripts, via request attribute "_UNSAFE_EVENT_MESSAGE_"

Thanks Jacques for review


> Allow Unsafe Event Message
> --------------------------
>
>                 Key: OFBIZ-12147
>                 URL: https://issues.apache.org/jira/browse/OFBIZ-12147
>             Project: OFBiz
>          Issue Type: Improvement
>          Components: base
>    Affects Versions: Upcoming Branch
>            Reporter: James Yong
>            Assignee: James Yong
>            Priority: Minor
>             Fix For: Upcoming Branch
>
>         Attachments: OFBIZ-12147
>
>
> Currently, we can display flash message by setting in request attribute "__EVENT_MESSAGE__".
>  Propose to add another request attribute i.e. "__UNSAFE_EVENT_MESSAGE__" for messages that can contain inline javascript.
> One use case is to allow us to display last login timestamp with browser-specific format.



--
This message was sent by Atlassian Jira
(v8.3.4#803005)