Custom Parameters on a Web Resource URL (i.e. is there any way to circumvent the restriction without the encoded "data" parameter)

(0) Share

Report

Posted on by James

Hi all

I'm aware of the "data" parameter and the restrictions around calling a CRM web resource with custom parameters.

What this question is about, is whether it is possible to circumvent them? I realise this is probably not recommended, but we have an off the shelf application that allows us to specify the resource URI we call, but it constructs the querystring on your behalf based on a variable selection list you can choose from. The end result is that you can't encode these parameters and put them in a "data" parameter - they are constructed as normal parameters without an option to manipulate them.

We need this application to call a web resource in CRM, hence the question around circumvention.

I've heard rumours of a registry setting, but a) I can't seem to find any reference to it, and b) we're using Online anyway...

Thanks
James

*This post is locked for comments

I have the same question (0)

All responses (2)

Answers (0)

Suggested answer

ScottDurow 21 on at

Like (0)

Report

Hi,

You can't get around this because it is a mechanism to prevent any possibility of a malicious attack.

You could

Hope this helps

Was this reply helpful? Yes No
James 2 on at

Like (0)

Report

Hi Scott - thanks for your answer. Were you going to suggest something else? I see you started a sentence as "You could" but got no further.

Was this reply helpful? Yes No