URL string

  • Posts: 279
  • Thank you received: 1
7 years 9 months ago #262608

-- HikaShop version -- : 3.7
-- Joomla version -- : 3.6.5

I suspect that this must have occured with the recent update as I've never experienced this problem before.

I use Akeeba Admin Tools on EVERY site I deploy. It has a block for URLs which have tmpl=<parameter> in it. I have had complaints from my client saying people are being blocked when trying to checkout. When I look at the logs of Admin Tools I see the blockings because of "tmpl= in URL". The URL logged is:

www.digitalguarddawg.com/component/hikas...Vja291dA==?tmpl=ajax

As I mentioned, this has only started since upgrading to HS 3.7 so I suspect it's come in with this new version. I currently have the "tmpl= in URL" check turned off, but it's there for a reason - it's a security hole that needs plugging.

Please comment. Thanks.

Please Log in or Create an account to join the conversation.

  • Posts: 26159
  • Thank you received: 4028
  • MODERATOR
7 years 9 months ago #262612

Hi,

I'm sorry but HikaShop 3.7 does not exist.
www.hikashop.com/support/documentation/5...ashop-changelog.html

HikaMarket uses the "tmpl=ajax" parameter since a long time so we used the same parameters in the new HikaShop 3.0 system.
I'm sorry if admin tool is blocking that but there is no security hole and no reason to block these URLs which are perfectly safe.

Regards,

Jerome - Obsidev.com
HikaMarket & HikaSerial developer / HikaShop core dev team.

Also helping the HikaShop support team when having some time or couldn't sleep.
By the way, do not send me private message, use the "contact us" form instead.

Please Log in or Create an account to join the conversation.

Time to create page: 0.052 seconds
Powered by Kunena Forum