Question

1
Replies
18
Views
Close popover
Dmitriy Barykin (DmitriyB4284)
Lanit

Lanit
RU
View Profile
DmitriyB4284 Member since 2018 2 posts
Lanit
Posted: 1 week ago
Last activity: 6 days 10 hours ago

SECU0019 Unauthorized request detected when using OOTB control

We recently moved from Pega 7.2.2 to 8.4.3 and came across a problem - clicking on filter icon in Table causes Security Alert:

Unauthorized request detected : Unregistered request encountered for activity pzRunActionWrapper 

and there is a warning message on UI:

URL tampering vulnerability detected.

 

This article https://community.pega.com/knowledgebase/articles/security/85/verify-requests-application-layer implies that this warning only appears when using custom non-autogenerated controls, however we are using OOTB table filtering functionality, we don't have any custom controls or Run Script actions in our application.

Is this Pega's defect or do we need to change some settings in our application after moving from 7.2.2? Will this be fixed in 8.5 since pyBlockUnregisteredRequests will be blocking unregistered requests by default?

Pega Platform 8.4.3 Security
Close popover
Posted: 6 days ago
Close popover
Marc Lasserre (MarcLasserre_GCS)
PEGA
Principal Software Solutions Engineer
PEG
FR
View Profile

Hello, 

Are you having this issue on a specific table? Or is it all of them? 

Have you try the same thing with an Out-Of-The-Box operator on a default table on UI Gallery for example?
Share this page Share via LinkedIn Copying...
Copied!