2

It's possible to remove the "/*-secure-" sentence from the response of the worklight adapter? 

/*-secure-
{"isSuccessful":true,"result":"CC: No subscription found for user :: 11111"}*/

version: Mobilefirst 7.0.0

Francisco Díaz
  • 73
  • 11
  • Yes, it is. But it will be impossible to show you all millions of methods to do that in every thinkable situation. At least add info/tags on: Programming language? Also, showing what you've tried makes sense. This seems so trivial! – Marcus Müller Jun 29 '15 at 12:13
  • i want to remove it before responding, in the same adapter, not in the back-end – Francisco Díaz Jun 29 '15 at 12:17
  • 1
    that doesn't really explain why you're having a problem with simplest string manipulations – Marcus Müller Jun 29 '15 at 12:18
  • the back-end waits a Json without the "/*-secure-" sentence, I need the adapter does not send that sentence, I have no control over the backend. – Francisco Díaz Jun 29 '15 at 12:26
  • I understand that, but still, you're not giving nearly enough information. In what kind of data do you have the reply? Are you restricted by anything to not use normal string operation to replace the unwanted string by an empty string? – Marcus Müller Jun 29 '15 at 12:56
  • its is a feature of MobileFirst Adapter, only if you know these software you can help me – Francisco Díaz Jun 29 '15 at 14:16
  • MobileFirst adapters are developed by using XML, JavaScript, and XSL. so your question is really just a JavaScript string handling question. – Marcus Müller Jun 29 '15 at 14:18
  • 1
    This response is generated automatically by the adapter without any JavaScript code. to fix it you must configure something else in the adapter, perhaps with security realms or something similar – Francisco Díaz Jun 29 '15 at 14:28
  • I don't think so; the adapter is specified to return valid JSON, so it's a bug. You either get that fixed, or you work around with something that first parses the response. I was assuming you're doing the latter. – Marcus Müller Jun 29 '15 at 14:31
  • it's not a bug, it is the normal behaviour of the adapter, is a security measure of worklight, I want to disable it – Francisco Díaz Jun 29 '15 at 14:37
  • 2
    Then this is not a programming question, but an admistration question. Also: *NEVER* disable security features because you can't figure out how to work with them; there needs to be a way, and you as a developer need to find it. – Marcus Müller Jun 29 '15 at 14:38
  • i know that you will always get JSON wrapped in /*secure */. This is to prevent using WL server for XSS attacks – Francisco Díaz Jun 29 '15 at 14:56
  • Can you update the question with version of MobileFirst Platform that you are using ? – Leandro David Jun 29 '15 at 15:41

1 Answers1

1

You can take a look at the answers in this other OS question

Calling Worklight adapter from external app

I believe it is not possible to remove the /*-secure from the response. As responded in that question, it is a feature to avoid XSS atacks.

Community
  • 1
  • 1
Leandro David
  • 577
  • 6
  • 20