commerce while redirecting converts all parameters in the URL querty string to a krypto value.
Krypto = encrypted(querystringParameters,merchantKey).
You can bypass params from this krypto by the configuration mentioned below in wc-server.xml
e.g.
storeId=10151&
catalogId=10101&
langId=-1&
orderId=55011&
myName=y
krypto:=7Agv%2BGyHJCuZcMIjIs%2Fd68CfRxuGbxeKNDAGlIEEXgm....
If there are parameters that are required to be not encrypted, commerce provides a configuration to define in wc-server.xml
<NonEncryptedParameters display="false">
<Parameter name="storeId"/>
<Parameter name="langId"/>
<Parameter name="catalogId"/>
<Parameter name="categoryId"/>
<Parameter name="productId"/>
</NonEncryptedParameters>
- Caching nightmare with Krypto. If the params are encrypted, it would be very difficult to define caching parameters so make sure, to add them in the above block. As a best practise all catalog related params, add them to the blocks
- krypto keeps getting longer and in the older versions of browser, it was a problem where developers had to remove the params and only keep the required one's in request\response.
It's about modifying the parameters. You can configure it depending on your preference.
ReplyDeleteGreat Article
ReplyDeleteCyber Security Projects for CSE Students
JavaScript Training in Chennai
Project Centers in Chennai
JavaScript Training in Chennai
Hi Sir,
ReplyDeleteDo you know how to decrypt the Krypto parameter.
Thank you!