Question

1
Replies
83
Views
Engincan Yildiz (EngincanY)
Tekfen Holding
Software Senior Specialist
Tekfen Holding
TR
EngincanY Member since 2018 74 posts
Tekfen Holding
Posted: October 14, 2019
Last activity: December 4, 2019
Posted: 14 Oct 2019 5:17 EDT
Last activity: 4 Dec 2019 12:42 EST
Closed

WorkLink encryption problem

Hi,

I use WorkLink Corr-Fragment in the emails that I send to the users for case approval. However the url which pega generated is very clear text string. I mean user can see the access group and work pool, even the work id, thus one can change the id of the case and go to that case immediately.

It seem pega uses URL encryption function but I am not sure if it works properly.

tools.putSaveValue("RedirectLocation", pega_rules_utilities.encodeURLParameter("pyActivity=Work-.Open&Action=Review&HarnessPurpose=Review&InsHandle="+ insHandle));

Can anyone give me additional information about encryption of work link ?

Thank you.

Pega Platform Low-Code App Development Security
Moderation Team has archived post, This thread is closed to future replies. Content and links will no longer be updated. If you have the same/similar Question, please write a new Question.