Jacques, Chris, David, all,
it seems that this small mod was causing a few concerns so I ended up
with a totally different solution: in rev. 452778 I've implemented a new
generic screen that can be used to render a link backed up by an hidden
form.
An example of its usage is in rev. 452780
I think with this to have addressed all your remarks.
Thanks for your great feedback,
Jacopo
Jacques Le Roux wrote:
Jacopo, Chris, David,
I think this last point is worth to be considered... (relates to
https://issues.apache.org/jira/browse/OFBIZ-260)
Jacques
From: "Chris Howe" <[EMAIL PROTECTED]>
I'm not a malicious hacker type person, but allowing a
parameter map into the url, i believe, also has the
potential to be a security hazzard with buffer
overflow.
--- Jacopo Cappellato <[EMAIL PROTECTED]> wrote:
This makes sense... however the limitations are not
so big and I think
that what I've proposed can be used in many other
places without big
troubles: the non-ASCII issue is already present in
the system (for
example in the product keywords screen) and the max
2048 chars is high
enough to make it usable in most of the screens.
Jacopo
Chris Howe wrote:
I would think wait. It's a local solution for you
knowing the limitations, but if anyone else used
it
without realizing the limitation (and they're
rather
obscure), they wouldn't get the results they would
be
expecting.
