Collaboration Center

Question

Replies

238

Views

Abhishek_Cap

Member since 2015

5 posts

Capgemini India Pvt Ltd

Posted: August 5, 2019

Last activity: August 12, 2019

Closed

Pega WebMashup Security concerns

Hi All,

Recently, whilst working with on the banking giants in UK, we were turned down to use the Pega Web Mashup because it uses IFrame and the use of Iframe opens up the security vulnerabilities such as cross-site threats.

Can someone suggest what to do in that scenario?

Low-Code App Development

Security

User Interface

Posted: 1 year ago

Bhavya_Incessant

Coforge DPA

replied to Abhishek_Cap

Pega does provide methods to over come cross site scripting. Go through the below link for details:

https://community.pega.com/knowledgebase/articles/best-practices-avoid-cross-site-scripting-xss-vulnerabilities

Hope it helps.

Regards

Bhavya

Posted: 1 year ago

JohnPaulRaja,C

Cognizant

replied to Abhishek_Cap

Application restricted with CSRF

Add below DSS to get exception for mashup consumer portal

Pega-Engine

security/csrf/validreferers

Value : add mash up consumer URL

Explore upcoming sessions

Personalized tools to propel your success

Contact a moderator

Question

Pega WebMashup Security concerns

About Pegasystems

Related content:

Question

Pega WebMashup Security concerns

About Pegasystems

We'd prefer it if you saw us at our best.