Re: Order Allocation

2017-12-18 Thread Vaibhav Jain 
Hello James,

We can enhance data model to handle the scenarios defined above:

*FacilityAssoc*
  facilityId*
  facilityIdTo*
  facilityAssocTypeId*
  fromDate*
  thruDate
  sequenceNo (For Ex: A facility have more than one alternate facility then
seqneceNum is used for sequencing)
*FacilityAssocType*
  facilityAssocTypeId*
  description

Please share your thoughts on this.

Thanks & Regards

Vaibhav Jain
Hotwax Systems,
vaibhav.j...@hotwaxsystems.com

On Tue, Dec 12, 2017 at 7:27 PM,  wrote:

>
> I have a scenario where I have 2 warehouses.  I always want to ship
> products from the nearest warehouse to the client.  How does ofbiz
> handle order allocation of product on sales orders to a specific
> warehouse.  Can we set up customers to get products from a specific
> warehouse?
>
> Thanks,
>
> James
>

Security Related Issues in OFBiz

2017-12-18 Thread vivek.mi 
Hello All,

A few issues were reported while testing my application using IBM AppScan
tool, built upon OFBiz framework for Blackbox testing. Issues are listed as
below:

1. Unsafe third-party link (target="_blank") in screens and forms.

2. Query Parameter in SSL Request while sending hidden fields in XML and FTL
forms.

3. Body Parameters Accepted in Query

4. Archive File Download

5. Cacheable SSL Page Found

Please suggest something how can i go ahead to resolve these issues. I am
using OFBiz version 12.05.

Thanks in advance,
Vivek Mishra



-
Vivek Mishra
--
Sent from: http://ofbiz.135035.n4.nabble.com/OFBiz-User-f135036.html

[MODERATE EMAIL] Unsafe third-party link (target="_blank")

2017-12-18 Thread Deepak Dixit 
Hi Sonali,

Your email has been moderated,
Please subscribe mailing list http://ofbiz.apache.org/mailing-lists.html


Thanks & Regards
--
Deepak Dixit
www.hotwaxsystems.com
www.hotwax.co

-- Forwarded message --
From: Sonali Agrahari 
To: user@ofbiz.apache.org
Cc:
Bcc:
Date: Mon, 18 Dec 2017 22:24:36 -0700 (MST)
Subject: Unsafe third-party link (target="_blank")
Hello All,

I am using OFBiz framework, some issues are reported when i ran a scan from
IBM Scan tool,

In some screens it is stating Unsafe third-party link (target="_blank").

Is it framework related or at my part? Kindly let me know how can i rectify
it.

Thanks,
Sonali



--
Sent from: http://ofbiz.135035.n4.nabble.com/OFBiz-User-f135036.html

[MODERATE EMAIL] Query parameter in SSL request

2017-12-18 Thread Deepak Dixit 
Hi Sonali,

Your email has been moderated,
Please subscribe mailing list http://ofbiz.apache.org/mailing-lists.html

Thanks & Regards
--
Deepak Dixit
www.hotwaxsystems.com
www.hotwax.co


-- Forwarded message --
From: Sonali Agrahari 
To: user@ofbiz.apache.org
Cc:
Bcc:
Date: Mon, 18 Dec 2017 21:50:04 -0700 (MST)
Subject: Query parameter in SSL request
Hello All,

I am working on ofbiz forms in XML and ftl.

I ran a scan using IBM Appscan tool. I got "Query parameter in SSL request"
in various forms in XML and FTL.

Kindly guide how can i resolve the issues?

Thanks,
Sonali



--
Sent from: http://ofbiz.135035.n4.nabble.com/OFBiz-User-f135036.html

Temporary File Download Vulnerability

2017-12-18 Thread vivek.mi 
Hello All,

I was doing Black box testing of my application using IBM AppScan Tool. It
has reported Temporary file download vulnerability.
Is it an issue in framework itself? Please suggest something.

Thanks,
Vivek Mishra



-
Vivek Mishra
--
Sent from: http://ofbiz.135035.n4.nabble.com/OFBiz-User-f135036.html