[fusion-commits] r2969 - sandbox/adsk/3.2o/lib
svn_fusion at osgeo.org
svn_fusion at osgeo.org
Thu Mar 2 19:04:49 PST 2017
Author: christinebao
Date: 2017-03-02 19:04:49 -0800 (Thu, 02 Mar 2017)
New Revision: 2969
Modified:
sandbox/adsk/3.2o/lib/fusion.js
Log:
Ticket 2763
The javascript method - createSessionId in fusion.js will send the HTTP request with the "GET" method. The user name and the password are visible. So the "GET" method is changed to the "POST" method.
Modified: sandbox/adsk/3.2o/lib/fusion.js
===================================================================
--- sandbox/adsk/3.2o/lib/fusion.js 2016-12-23 08:09:04 UTC (rev 2968)
+++ sandbox/adsk/3.2o/lib/fusion.js 2017-03-03 03:04:49 UTC (rev 2969)
@@ -1645,14 +1645,20 @@
var createSessionId = function(user, pass){
var xhr = getXmlHttpRequest();
var url = Fusion.fusionURL+"layers/MapGuide/php/CreateSession.php";
+ var params = "";
if (user != null && user != "")
{
- url += "?username=" + user;
- if (pass != null && pass != "")
- url += "&password=" + pass;
+ params += "username=" + user;
+ if (pass != null && pass != "") {
+ params += "&password=" + pass;
+ }
}
- xhr.open("GET", url, false);
- xhr.send(null);
+ xhr.open("POST", url, false);
+ xhr.setRequestHeader("Content-type", "application/x-www-form-urlencoded");
+ xhr.setRequestHeader("Content-length", params.length);
+ xhr.setRequestHeader("Connection", "close");
+ xhr.send(params);
+
var o = Fusion.parseJSON(xhr.responseText);
Fusion.sessionId = o.sessionId;
var version = o.siteVersion;
@@ -1717,4 +1723,3 @@
}
})();
-
More information about the fusion-commits
mailing list