cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

URL Parameters

Former Member

on ‎07-14-2008 6:03 AM

0 Kudos

Hi Gurus,

Is there any probability to hide the extra url parameters,

for eg i am passing a Employee Number as URL+&Empno=456. from the program.

If the user knows other employee numbers he can directly paste and see the info.

Is there any chance to hide the extra parameters after logging into the Appplication .

Show replies
Show replies
Answer

Accepted Solutions (0)

Answers (2)

Answers (2)

alejandro_bindi
Active Contributor
‎07-15-2008 4:37 AM
0 Kudos

I think another option would be to use POST parameters, instead of GET (sending them on the request body, they're not visible to the user in the URL).

Depending on how you are currently calling your application, maybe this options requires quite more work, as you'll probably need to create an HTTP client object to be able to build up a request. I've never done this myself yet but I know the class CL_HTTP_CLIENT is available for this.

Show replies
Show replies
abhimanyu_lagishetti7
Active Contributor
‎07-14-2008 6:21 AM
0 Kudos

You can possibly avoid looking at other's information by checking the sy-uname with the infotype 105 with subtype 001 of the current executed employee number

Abhi

Show replies
Show replies
Former Member
‎07-14-2008 6:25 AM
0 Kudos

Hi Abhimanyu,

This Application is called from other applications passing the EMP number,not logging into application as a user

abhimanyu_lagishetti7
Active Contributor
‎07-14-2008 6:29 AM
0 Kudos

still every user has his own id to access right? even the first application which you are talking about is logged in by some user right?

are you running the application without any authorized login?

Abhi

Former Member
‎07-14-2008 6:39 AM
0 Kudos

Hi Abhimanyu,

I am having another application A say that userid XYZ123 and Employee Number is 12345 . In that application there is another employee number link say 456, if he is clicking 456 these employee number is passed as URL empno=456 in the second application say B, i need the application B to hide the Xtra URL empno= to be hided , so that he cannot use the same application once more by simply copy paste another Emp no( 789 if the knows ).

In the First application A we wil give him the 5 Emp Numbers , So that it calls the application B via those 5 Emp Numbers, If he knows the other employees he can paste their numbers in the URL and see.

IF there is another way to achieve this scenario let me know

abhimanyu_lagishetti7
Active Contributor
‎07-14-2008 6:56 AM
0 Kudos

Hi Vikranth

you can still achieve this with the check infotype 105, nyways

How are you navigating to that application, is it by LinkToURL ?

make it LinkToAction and

You can make use of Cross Components and use that Employee Web Dynpro component inside your component and navigate to that component using Plugs and pass the Employee number as a plug parameter, this way it is not visible to the user

Abhi

Former Member
‎07-14-2008 8:18 AM
0 Kudos

Hi Abhimanyu,

My applications is being called from differnent Applications not only Custom applications , but also standard applications,in the standard applications they made a BADI which calls the my application .

thomas_jung
Developer Advocate
Developer Advocate
‎07-14-2008 11:22 AM
0 Kudos

If both applications are ABAP based and run on the same ABAP-AS instance you could use Server Side Cookies or do an Export to Database to pass the parameter. Each will temporarly store the values in the database and you can just pass a GUID key to the other application via URL parameter so it knows which record to read from the DB. You could also consider encoding the parameter in Base64 - like the URL mangling in BSP. This isn't hacker proof since Base64 is very simple to decode, but would stop the causual user from being able to type in a URL parameter value.

Ask a Question