Question

1
Replies
70
Views
Close popover
Engincan Yildiz (EngincanY)
Tekfen Holding
Business Solutions Software Specialist
Tekfen Holding
TR
EngincanY Member since 2018 68 posts
Tekfen Holding
Posted: October 14, 2019
Last activity: December 4, 2019
Closed

WorkLink encryption problem

Hi,

I use WorkLink Corr-Fragment in the emails that I send to the users for case approval. However the url which pega generated is very clear text string. I mean user can see the access group and work pool, even the work id, thus one can change the id of the case and go to that case immediately.

It seem pega uses URL encryption function but I am not sure if it works properly.

tools.putSaveValue("RedirectLocation", pega_rules_utilities.encodeURLParameter("pyActivity=Work-.Open&Action=Review&HarnessPurpose=Review&InsHandle="+ insHandle));

Can anyone give me additional information about encryption of work link ?

Thank you.

Pega Platform Low-Code App Development Security
Moderation Team has archived post