I know this has been discussed on the dev list. I would love to provide patches. I am guessing this has to be changed to a post, if I understand right.
it seems most of the delete button in catalog section come up with similar messages. https://localhost:8443/catalog/control/promo_deleteProductStorePromoAppl?productStoreId=TestStore&productPromoId=9019&fromDate=2009-04-27%2015:11:56.0 Error calling event: org.ofbiz.webapp.event.EventHandlerException: Found URL parameter [productStoreId] passed to secure (https) request-map with uri [promo_deleteProductStorePromoAppl] with an event that calls service [deleteProductStorePromoAppl]; this is not allowed for security reasons! The data should be encrypted by making it part of the request body (a form field) instead of the request URL. -- BJ Freeman http://www.businessesnetwork.com/automation http://bjfreeman.elance.com http://www.linkedin.com/profile?viewProfile=&key=1237480&locale=en_US&trk=tab_pro Systems Integrator.
