Friday, July 29, 2011

Krypto | crazyness !!!

When ever a view or command is defined as HTTPS true in struts-config-ext.xml
commerce while redirecting converts all parameters in the URL querty string to a krypto value.
Krypto = encrypted(querystringParameters,merchantKey).
You can bypass params from this krypto by the configuration mentioned below in wc-server.xml

e.g.
storeId=10151&
catalogId=10101&
langId=-1&
orderId=55011&
myName=y

krypto:=7Agv%2BGyHJCuZcMIjIs%2Fd68CfRxuGbxeKNDAGlIEEXgm....

If there are parameters that are required to be not encrypted, commerce provides a configuration to define in wc-server.xml

<NonEncryptedParameters display="false">
<Parameter name="storeId"/>
<Parameter name="langId"/>
<Parameter name="catalogId"/>
<Parameter name="categoryId"/>
<Parameter name="productId"/>
</NonEncryptedParameters>

Problems associated with krypto:
  • Caching nightmare with Krypto. If the params are encrypted, it would be very difficult to define caching parameters so make sure, to add them in the above block. As a best practise all catalog related params, add them to the blocks
  • krypto keeps getting longer and in the older versions of browser, it was a problem where developers had to remove the params and only keep the required one's in request\response.
Posted by at
Labels:

2 comments:

  1. seo companyJanuary 25, 2012 at 1:29 AM

    It's about modifying the parameters. You can configure it depending on your preference.

    ReplyDelete
  2. AnonymousFebruary 24, 2020 at 5:57 AM

    Hi Sir,
    Do you know how to decrypt the Krypto parameter.
    Thank you!

    ReplyDelete

Subscribe to: Post Comments (Atom)