Custom Parameters on a Web Resource URL (i.e. is there any way to circumvent the restriction without the encoded "data" parameter)

(0) Share

Report

Posted on by James

Hi all

I'm aware of the "data" parameter and the restrictions around calling a CRM web resource with custom parameters.

What this question is about, is whether it is possible to circumvent them? I realise this is probably not recommended, but we have an off the shelf application that allows us to specify the resource URI we call, but it constructs the querystring on your behalf based on a variable selection list you can choose from. The end result is that you can't encode these parameters and put them in a "data" parameter - they are constructed as normal parameters without an option to manipulate them.

We need this application to call a web resource in CRM, hence the question around circumvention.

I've heard rumours of a registry setting, but a) I can't seem to find any reference to it, and b) we're using Online anyway...

Thanks
James

*This post is locked for comments

All responses (2)

Answers (0)

James on at

Like (0)

Report

RE: Custom Parameters on a Web Resource URL (i.e. is there any way to circumvent the restriction without the encoded "data" parameter)

Hi Scott - thanks for your answer. Were you going to suggest something else? I see you started a sentence as "You could" but got no further.
Suggested answer

ScottDurow 50,177 on at

Like (0)

Report

RE: Custom Parameters on a Web Resource URL (i.e. is there any way to circumvent the restriction without the encoded "data" parameter)

Hi,

You can't get around this because it is a mechanism to prevent any possibility of a malicious attack.

You could

Hope this helps