Question
SECU0019 Unauthorized request detected when using OOTB control
We recently moved from Pega 7.2.2 to 8.4.3 and came across a problem - clicking on filter icon in Table causes Security Alert:
Unauthorized request detected : Unregistered request encountered for activity pzRunActionWrapper
and there is a warning message on UI:
URL tampering vulnerability detected.
This article https://community.pega.com/knowledgebase/articles/security/85/verify-requests-application-layer implies that this warning only appears when using custom non-autogenerated controls, however we are using OOTB table filtering functionality, we don't have any custom controls or Run Script actions in our application.
Is this Pega's defect or do we need to change some settings in our application after moving from 7.2.2? Will this be fixed in 8.5 since pyBlockUnregisteredRequests will be blocking unregistered requests by default?
Hello,
Are you having this issue on a specific table? Or is it all of them?
Have you try the same thing with an Out-Of-The-Box operator on a default table on UI Gallery for example?