Deprecation: #84407 - RSA public key generation without "Content-Type: application/json"¶
See forge#84407
Description¶
The default response of the Rsa
eID script was broken since it
claimed to return a JSON response but in fact returned a simple string containing a concatenation of
public key modulus and exponent.
The eID script now returns a proper JSON response if requested with the
Content-
HTTP header:
{
"publicKeyModulus": "ABC...",
"exponent": "10..."
}
Impact¶
Extensions performing custom AJAX requests against the Rsa
eID script without the Content-
HTTP header will trigger a deprecation
warning in v9 and an error response in v10.
Affected Installations¶
Sites which do not use the default RSA encryption JavaScript to handle form value encryption.
Migration¶
The default RSA encryption JavaScript has been migrated, custom implementations must add the
Content-
HTTP header to AJAX requests and parse the JSON response
accordingly.