We have a custom auth scheme implemented which needs to redirect (302) to the TARGET URL including all original parameters and an additional flow parameter - as part of multi-factor authentication. We need SecureURLs turned on, for XSS protection, yet we need a way to read the original parameters and the additional param on the client.
So we need a way to either decrypt SMQUERYDATA on the client, or to bypass SecureURLs on this custom scheme. Are either of those options possible?
Can we call $$smdecode(smquerydata)$$ inside the .fcc to achieve this? So far this hasn't actually decrypted at all.
Thanks, Craig