• Open Menu Close Menu
  • Apple
  • Shopping Bag
  • Apple
  • Mac
  • iPad
  • iPhone
  • Watch
  • TV
  • Music
  • Support
  • Search apple.com
  • Shopping Bag

Lists

Open Menu Close Menu
  • Terms and Conditions
  • Lists hosted on this site
  • Email the Postmaster
  • Tips for posting to public mailing lists
Re: How to pass confidential information with WORedirect.
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: How to pass confidential information with WORedirect.

  • Subject: Re: How to pass confidential information with WORedirect.
  • From: Alexander Spohr <email@hidden>
  • Date: Tue, 30 Jun 2015 13:43:16 +0200
Use ssl.
And hire someone who knows about the internet.


Am 30.06.2015 um 13:40 schrieb Butchi Reddy Velagala <email@hidden>:

Hi Wick, 

I need  to pass some values(confidential values) to that URL. Please let me know how to do that.  


Thanks,
Butchi Reddy.


On Tue, Jun 30, 2015 at 3:48 PM, Christoph Wick <email@hidden> wrote:
POST doesn't solve a "security" problem. It maybe obfuscates the parameters for a layman but it doesn't encrypt them. Anyway ...

WORedirect uses HTTP status code 302 which makes the browser using GET. What you need is HTTP status code 307.

So, write your own subclass of WOCompnentent with a setter method for the URL to redirect:

public class MyRedirectComponent extends ERXComponent {
        private String url;
        public MyRedirectComponent(WOContext context) {
                super(context);
        }
        public void appendToResponse(WOResponse aResponse, WOContext aContext) {
                aResponse.setHeader(this.url, "location");
                aResponse.setStatus(307);
        }
        public void setUrl(String url) {
                this.url = "">         }
}

The method that submits your form should look like this:

public WOActionResults submitAction() {
        MyRedirectComponent nextPage = (MyRedirectComponent)
                        pageWithName(your.app.components.MyRedirectComponent.class);
        nextPage.setUrl("http://YOUR_REDIRECT_URL");
        return nextPage;
}

See http://programmers.stackexchange.com/questions/99894/why-doesnt-http-have-post-redirect

C.U.CW
--
What are the three enemies of a programmer? Sunlight, oxygen, and the appalling roar of the birds.

> On 30.06.2015, at 09:52, Butchi Reddy Velagala <email@hidden> wrote:
>
> Hi All,
>
> We have to pass some confidential information to the URL which configured in WORedirect. But WORedirect is accepting only query parameters (appended to the URL). So It is the security problem.
>
> So please let us know if there is any way to redirect to the URL with POST parameters or headers to hide them.
>
>
> Thanks in Advance,
> Butchi Reddy Velagala.
>
> _______________________________________________
> Do not post admin requests to the list. They will be ignored.
> Webobjects-dev mailing list      (email@hidden)
> Help/Unsubscribe/Update your Subscription:
>
> This email sent to email@hidden


Do not post admin requests to the list. They will be ignored. Webobjects-dev mailing list (email@hidden) Help/Unsubscribe/Update your Subscription: This email sent to email@hidden
References: 
 >How to pass confidential information with WORedirect. (From: Butchi Reddy Velagala <email@hidden>)
 >Re: How to pass confidential information with WORedirect. (From: Butchi Reddy Velagala <email@hidden>)

  • Prev by Date: Re: How to pass confidential information with WORedirect.
  • Next by Date: Re: How to pass confidential information with WORedirect.
  • Previous by thread: Re: How to pass confidential information with WORedirect.
  • Next by thread: Re: How to pass confidential information with WORedirect.
  • Index(es):
    • Date
    • Thread