[ https://issues.apache.org/jira/browse/FELIX-4301?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13812880#comment-13812880 ]

Felix Meschberger commented on FELIX-4301:
------------------------------------------

The problem seems to be in the save button function:

$.post(pluginRoot + '/' + $(this).attr('__pid') + '?' +
        $(this).find('form').serialize(), function() {
    // reload on success - prevents AJAX errors - see FELIX-3116
    document.location.href = pluginRoot;
});

Here the form is serialized and appended to the request URL. This is wrong. The 
serialized form must be transmitted as part of the request body.

> Updated configuration is transmitted as query string to the request URL 
> instead of POST payload
> -----------------------------------------------------------------------------------------------
>
>                 Key: FELIX-4301
>                 URL: https://issues.apache.org/jira/browse/FELIX-4301
>             Project: Felix
>          Issue Type: Bug
>          Components: Web Console
>    Affects Versions: webconsole-4.2.0
>            Reporter: Felix Meschberger
>            Assignee: Felix Meschberger
>
> When updating configuration in the Configuration Manager screens, the updated 
> configuration is supplied as query string to the request URL, albeit in a 
> POST request.
> This is bad on multiple accounts: data is transmitted as URLs and thus may be 
> logged and there is a natural limit in the size of request URLs.
> We must make sure such configuration updates are actually transmitted as 
> payload to the POST requests.



--
This message was sent by Atlassian JIRA
(v6.1#6144)
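
An added example, not part of the original JIRA message or the Felix code base: it builds the same configuration update both ways and shows which values reach the request line that an access log records. The plugin root, PID, field names and values are constructed placeholders.

```javascript
// Added illustration; the path, PID and field values below are constructed.
const pluginRoot = '/example/pluginRoot';
const pid = 'org.example.service';
const fields = { 'service.password': 's3cr3t-example', port: '8080' };

// Stand-in for jQuery's form.serialize(): application/x-www-form-urlencoded.
function serialize(f) {
  return new URLSearchParams(f).toString();
}

// Behaviour described in the issue: a POST whose data rides in the URL.
function requestWithQueryString(root, id, f) {
  return { method: 'POST', url: `${root}/${id}?${serialize(f)}`, headers: {}, body: '' };
}

// Behaviour the issue asks for: the same data sent as the POST payload.
// In jQuery this corresponds to $.post(url, data, callback).
function requestWithBody(root, id, f) {
  return {
    method: 'POST',
    url: `${root}/${id}`,
    headers: { 'Content-Type': 'application/x-www-form-urlencoded' },
    body: serialize(f),
  };
}

// What a typical access log keeps: the request line, not the body.
function accessLogLine(req) {
  return `"${req.method} ${req.url} HTTP/1.1"`;
}

// Review/test check: which configuration values appear in the logged line?
function leakedValues(req, f) {
  const line = accessLogLine(req);
  return Object.values(f).filter((v) => line.includes(serialize({ v }).slice(2)));
}

const before = requestWithQueryString(pluginRoot, pid, fields);
const after = requestWithBody(pluginRoot, pid, fields);
console.log(accessLogLine(before), 'leaks:', leakedValues(before, fields));
console.log(accessLogLine(after), 'leaks:', leakedValues(after, fields));
```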
