Hyland Community
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Call a new Page as POST

jamilnour
Star Contributor
Star Contributor

‎03-15-2015 03:48 AM

Hello,

I added a new page to Share and this page has many parameters. Everything is working well and I can read the parameters from the new page widget as following:

 options : {
            nodeRef : page.url.args.nodeRef,
            pageNumber : page.url.args.pageNumber,
            webscriptAction : page.url.args.webscriptAction,
            certifyPluginParam : page.url.args.certifyPluginParam,
            siteId : (page.url.templateArgs.site != null) ? page.url.templateArgs.site : ""
        }


I have a security concern about sending the page parameters as GET and asking if it is possible to call it as POST? if yes how I can read the page arguments?

Best regards
Jamil
Labels:
0 Kudos
2 REPLIES 2

muralidharand
Star Contributor
Star Contributor

‎03-18-2015 12:37 AM

Hi,


Can you please take a look at start-workflow page?
The start-workflow page is called by the POST method from the start-workflow option from the document library actions.
The start workflow page is not built on Aikau style, but you can some idea on how to use the parameters, etc..
0 Kudos

jamilnour
Star Contributor
Star Contributor
In response to muralidharand

‎03-18-2015 07:24 AM

Thank you for guiding me to find the sample

I applied it an it works

For anybody who wants to do the same I have to notice that you should add the page action to the list of POST requests that does NOT require a token. This can be done by adding the following to the share-config-custom.xml


            <rule>
                <request>
                    <method>POST</method>
                    <path>/page/dologin(\?.+)?|/page/site/[^/]+/plugin|/page/plugin|/page/context/[^/]+/plugin</path>
                </request>
                <action name="assertReferer">
                    <param name="referer">{referer}</param>
                </action>
                <action name="assertOrigin">
                    <param name="origin">{origin}</param>
                </action>
            </rule>


To add this rule you should:

1- Copy the entire CSRFPolicy config in share-security-config.xml
2- Paste it into your share-config-custom.xml file and make sure it is replacing the old config section:
<config evaluator="string-compare" condition="CSRFPolicy" replace="true">…

3- Add the rule above same as the start-workflow rule

Best regards
Jamil
0 Kudos
Getting started

Tags

Find what you came for

We want to make your experience in Hyland Connect as valuable as possible, so we put together some helpful links.

Copyright © 2025 Khoros, LLC