You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
The ownMaterialNumber attribute of the Material entity is a string, which may contain many kinds of characters. And not all of these characters are suitable for URL-encoding.
Current behaviour
Several endpoints in the PURIS backend (for example the triggerXXXUpdateForMaterialNumber methods, the trigger endpoint of the ErpAdapterController and possibly several others...) are expecting an ownMaterialNumber as a plain String.
There is a risk that the parameter data arrives in malformed on the backend-side, or that the sending of the request on the frontend-side may fail.
After skimming through the swagger UI, I think the following endpoints are affected (as of today: Jul 12 2024):
/erp-adapter/trigger
/stockView/update-reported-product-stocks
/stockView/update-reported-material-stocks
/stockView/supplier
/stockView/reported-product-stocks
/stockView/reported-material-stocks
/stockView/materialnumbers-mapping
/stockView/customer
/production
/production/reported
/production/reported/refresh
/materials (GET)
/materialpartnerrelations (PUT and POST)
/demand /GET)
/demand/reported
/demand/reported/refresh
/delivery
/delivery/reported/refresh
Expected behavior
Use Base64.
I.e. insert a Base64 decoder on the backend side in the respective endpoint.
And respectively on the frontendside use a Base64 encoder, in all places, where one of the affected backend endpoint is called.
The text was updated successfully, but these errors were encountered:
Description
The ownMaterialNumber attribute of the Material entity is a string, which may contain many kinds of characters. And not all of these characters are suitable for URL-encoding.
Current behaviour
Several endpoints in the PURIS backend (for example the triggerXXXUpdateForMaterialNumber methods, the trigger endpoint of the ErpAdapterController and possibly several others...) are expecting an ownMaterialNumber as a plain String.
There is a risk that the parameter data arrives in malformed on the backend-side, or that the sending of the request on the frontend-side may fail.
After skimming through the swagger UI, I think the following endpoints are affected (as of today: Jul 12 2024):
Expected behavior
Use Base64.
I.e. insert a Base64 decoder on the backend side in the respective endpoint.
And respectively on the frontendside use a Base64 encoder, in all places, where one of the affected backend endpoint is called.
The text was updated successfully, but these errors were encountered: