Uploaded image for project: 'OFBiz'
  1. OFBiz
  2. OFBIZ-10539

Issue with opening a page via bookmark when the user is logged out

    XMLWordPrintableJSON

    Details

    • Type: Bug
    • Status: Closed
    • Priority: Major
    • Resolution: Fixed
    • Affects Version/s: Release Branch 17.12, Trunk
    • Fix Version/s: 18.12.01, 17.12.04
    • Component/s: framework
    • Labels:
      None

      Description

      Please refer to the discussions on dev-mailing-list

      There are issues with opening a bookmarked page when the user is logged out.

      Steps to generate:
      (Please refer Demo-trunk)

      1. Open this link, FindWorkEffort. Find Work Effort screen will be rendered.
      2. Inspect and change the form method to "GET".
      3. Apply any of the two statuses (say, Cancelled and Declined). Click on Find.
      4. Records will be fetched according to the applied filters.
      5. Check the URL. Cancelled and Declined statuses must be there in the URL.
      6. Bookmark this page and log out.
      7. Now, open the bookmark.
      8. The login page will be rendered. Check the URL here. It will be the same as it was when the page was being bookmarked.
      9. Type in the credentials and log in.
      10. The result may be different. Check the URL. One of the statuses is gone.

      Following are the issues:
      The bug here is (supposing the GET method is used)

      1. On opening the bookmark, the page is rendered with double encoding (if the value had a space character initially, the space character was already encoded into '' in the URL and when this bookmark is opened, this '' is again encoded). This particular issue cannot be generated from the above-mentioned steps but it exists.
      2. Suppose the bookmarked URL had multiple values from the same filter (say, Cancelled and Declined status), it renders with just one of the statutes applied. It is because the request handler prepares a Map of parameters from the query string and as is the property of Map to replace the old value if a new value is being added with the same key (in this example, first Cancelled status is put in this Map and then Declined), only Declined status is put in this Map.

      What happens is that the request handler prepares a map of query parameters from the query string and this map is used to create a redirect target. This redirect target (at this instance having both the above-mentioned issues) is called upon to render the requested page.

        Attachments

        1. OFBIZ-10539.patch
          1 kB
          Ritesh Kumar

          Issue Links

            Activity

              People

              • Assignee:
                pawan Pawan Verma
                Reporter:
                ritesh.kumar Ritesh Kumar
              • Votes:
                0 Vote for this issue
                Watchers:
                4 Start watching this issue

                Dates

                • Created:
                  Updated:
                  Resolved: