Skip to main content
Contact a Moderator

Question

2
Replies
316
Views
 Abhishek Anand (Abhishek_Cap) Areteans UK Senior Consultant
Areteans UK
GB
Abhishek_Cap Member since 2015 7 posts
Areteans UK
Posted: August 5, 2019
Last activity: August 12, 2019
Posted: 5 Aug 2019 11:16 EDT
Last activity: 12 Aug 2019 16:53 EDT
Closed

Pega WebMashup Security concerns

Hi All,

Recently, whilst working with on the banking giants in UK, we were turned down to use the Pega Web Mashup because it uses IFrame and the use of Iframe opens up the security vulnerabilities such as cross-site threats.

Can someone suggest what to do in that scenario?

Low-Code App Development Security User Experience
Moderation Team has archived post, This thread is closed to future replies. Content and links will no longer be updated. If you have the same/similar Question, please write a new Question.
Posted: 2 years ago
Posted: 12 Aug 2019 16:53 EDT
John Paul Raja Christu Raja (JohnPaulRaja,C) Healthfirst Consultant
Healthfirst
US

Application restricted with CSRF

Add below DSS to get exception for mashup consumer portal

Pega-Engine 

security/csrf/validreferers

Value : add mash up consumer URL 

We'd prefer it if you saw us at our best.

Pega Collaboration Center has detected you are using a browser which may prevent you from experiencing the site as intended. To improve your experience, please update your browser.

Close Deprecation Notice