Hi we are using IBM Commerce Sever Moving from one view to another using via code like below.
protected void prepareResponse(){
...
String returnUrl = "www.example.com/aNewPage.jsp?aUrlParameter=123&anotherParameter=654"
...
StringBuffer sb = new StringBuffer(returnUrl);
sb.append("&storeId=").append(commandContext.getStoreId());
sb.append("&langId=-1");
responseProperties.put(ECConstants.EC_REDIRECTURL, sb.toString());
responseProperties.put(ECConstants.EC_VIEWTASKNAME, ECConstants.EC_GENERIC_REDIRECTVIEW);
}
The url we are ending up at is www.example.com/aNewPage.jsp?krypto=ABCDF0LotsOfRandomCharacters unfortunitly due to 3rd party intergration we have javascript looking for the unencryptped form of the url parameters and of couse it cannot decrypt the krypto parameter.
This behavour is as per the documentation:
Flattening input parameters into a query string for HttpRedirectView All input parameters that are passed to a redirect view command are flattened into a query string for URL redirection. For example, suppose that the input to the redirect view command contains the following properties: URL = "MyView?p1=v1&p2=v2"; ip1 = "iv1"; // input to orginal controller command ip2 = "iv2" ; // input to original controller command op1 = "ov1"; op2 = "ov2"; Based upon the preceding input parameters, the final URL is MyView?p1=v1&p2=v2&ip1=iv1&ip2=iv2&op1=ov1&op2=ov2 Note that if the command is to use SSL, then the parameters are encrypted and the final URL appears as MyView?krypto=encrypted_value_of“p1=v1&p2=v2&ip1=iv1&ip2=iv2&op1=ov1&op2=ov2”
Now the question: How do I prevent these url parameters being encrypted?
The parameters that are encryted are controled by the NonEncryptedParameters node in wc-server.xml. Adding the url parameters you want to stay in clear text to that node mean they don't get encrypted.
I found the answer on IBM's Forum and a link detaling the use of the NonEncryptedParameters Node which talks about doing this for cache purposes.