Skip to main content
  • EN

Hi, I have published a workspace on FME Cloud (2019) where the user can submit parameters such as name, date of birth and comments (using this tutorial below adjusted this slightly to incorporate the new advanced 'webhooks' functionality) and a prettier html form.

https://knowledge.safe.com/articles/1295/send-source-data-to-fme-server-with-http-post.html

The target URL is as follows:

https://<fmeServerInstance>/fmedatastreaming/test/test.fmw?username=bruce&dob=20190101&comments=playstation<&tokenid>

Based upon the sensitivity of the information being passed (username, date of birth, status), is it possible to customise the response to omit out any sensitive information after the target URL post to FME Server?

New target URL response:

https://<fmeServerInstance>/fmedatastreaming/test/test.fmw?submitted_successfully

Reason for this requirement: it would be ideal for the user not to copy and paste the target URL response and send it to another user.

I have following this tutorial and linked the target URL to AWS API Gateway:

https://knowledge.safe.com/articles/24147/tutorial-creating-web-services-using-fme-server.html

I can understand this might be possible to customise the URL response in AWS, though I was hoping there might a be slight trick I have missed out in FME.

Hi @fme_forever

In FME 2019 I would highly recommend using FME Server Apps for this workflow:

 

https://docs.safe.com/fme/html/FME_Server_Documentation/WebUI/Server-Apps.htm

This allows you to create an app that can be shared via a discreet URL (e.g. https://<fmeServerInstance>/fmeserver/apps/<yourApp>). Additionally, the parameters of your workspace will not be submitted via query parameters, but as an URL encoded form in the body of the request. This is definitely better practice for submitting sensitive data. Also, FME Cloud instances are configured for SSL by default so all requests will be encrypted.

Hi @fme_forever

In FME 2019 I would highly recommend using FME Server Apps for this workflow:

 

https://docs.safe.com/fme/html/FME_Server_Documentation/WebUI/Server-Apps.htm

This allows you to create an app that can be shared via a discreet URL (e.g. https://<fmeServerInstance>/fmeserver/apps/<yourApp>). Additionally, the parameters of your workspace will not be submitted via query parameters, but as an URL encoded form in the body of the request. This is definitely better practice for submitting sensitive data. Also, FME Cloud instances are configured for SSL by default so all requests will be encrypted.

Hi @gerhardatsafe thanks for your reply. That's a great solution, however I've been make most of the API Gateway and Route 53 on the AWS platform. I'll be sure to check out the FME Server Apps that looks like a very good new addition.

Reply


Community Stats

30,159
Posts
114,480
Replies
37,806
Members
Terms & ConditionsCookie settings
A product of
Safe Software respectfully acknowledges that we live, learn and work on the traditional and unceded territories of the Kwantlen, Katzie, and Semiahmoo First Nations.