The GitHub Actions job "CodeQL" on ofbiz-framework.git/release24.09 has failed. Run started by GitHub user nmalin (triggered by nmalin).
Head commit for run: c62443745d0baf3aff28508d28e745e6ddfa830a / Nicolas Malin <nicolas.ma...@nereide.fr> Fixed: Ajax request fail on restful page (OFBIZ-13231) (#889) A problem was detected with some ajax call did by js script that failed with error 405 like : https://demo-next.ofbiz.apache.org/webtools/control/entity/find/SetTimeZoneFromBrowser Reason : SetTimeZoneFromBrowser is a request define in common-controller.xml, so available on all component. In js the call is realized by : $.ajax({ url: "SetTimeZoneFromBrowser", type: "POST", async: false,... Navigator use the relative url to execute the call. In general case we have a page like https://demo-next.ofbiz.apache.org/$component/control/$request , js script realized their call with https://demo-next.ofbiz.apache.org/$component/control/$request-js. Like each request-js are present on common-controller.xml all component that include it can response. With rest url, the uri pattern is more complex and the script js generate a relative call like we have upper : _https://demo-next.ofbiz.apache.org/webtools/control/entity/find/SetTimeZoneFromBrowse_. The ControlServlet behind failed to retrieve the correct request and generate a http error 405 To fix : We remove all relative js call and create a dedicated webapp for that. $.ajax({ url: "/common-js/control/SetTimeZoneFromBrowser", type: "POST", async: false,... To pass through the authentification (we implement a new webapp), we store a jwt token with the current userLogin after the authentification that will use by common-ext to confirm authentification. This cookie is available during all the session time. For security reason, login cookie contains a jwt token generate with le JWTManager ofbiz class. Report URL: https://github.com/apache/ofbiz-framework/actions/runs/15490672667 With regards, GitHub Actions via GitBox
