LinkedIn
Copied!

Table of Contents

Adding URL mappings to secure inline images for triage cases

Version:

Only available versions of this content are shown in the dropdown

Ensure that inline images displayed in email triage cases are more secure for Pega Email Bot™. By adding URL mappings to your application, sensitive data embedded in inline image attributes for a triage case is encrypted and displayed by the system as hash code. The URL Mappings rule defines simple URL patterns that you can use in your application's work items, for example, email triage cases and its inline images.

For example, after you add URL mappings and you then enable web developer tools for your browser, the attribute information for a triage case inline image HTML tags is encrypted and displayed by the system as hash code.
Enable secure URL obfuscation dynamic system settings in your Pega Platform:
  • Set prconfig/initialization/SubmitObfuscatedURL/default to required.
  • Set prconfig/initialization/Urlencryption/default to true

For more information, see Understanding dynamic system settings and Creating a dynamic system setting.

Add URL mappings to the top-most pyDefault rule in your application, only if you enabled URL obfuscation dynamic system settings in your system. URL obfuscation is an encoding technique that scrambles the characters in a URL or query string as a security measure, to make the URL contents less easily interpreted by people or HTTP sniffers.
  1. Switch to Dev Studio.

  2. In the navigation pane of Dev Studio, click Records.

  3. Expand the Technical category, and then click URL Mappings.

  4. In the list of URL mappings rule instances, open the top-most rule for your application: pyDefault.

  5. Define the getEmailImgByHash URL alias:

    1. In the Cases section, click Add URL alias.

    2. In the Define URL Mapping window, in the Identifier field, enter: GetEmailImgByHash

    3. Clear the Map path elements for URL generation check box.

    4. In the list in the Path element type column, select Constant, and then in the field in the Value column, enter: getEmailImgByHash

    5. Click Add path element, and then in list in the second row in the Path element type column, select Parameter.

      The field in the Value column in the second row displays {param1}.
    6. Click Add path element, and then in list the third row in the Path element type column, select Parameter.

      The field in the Value column in the third row displays {param2}.
    7. Click Next.

      The following figure shows the URL mapping settings for the getEmailImgByHash URL alias:
      The settings for the new getEmailImgByHash URL mapping
      The GetEmailImgByHash URL mapping with three
                                        parameters.
    8. In the Define processing activity window, in the Class field, enter: Work-Channel-Triage

    9. In the Activity field, enter: pyGetImageForDisplay

    10. Click Add parameter, and then in the Parameter field, enter: pyId

    11. In the Value field, enter: {param2}

    12. Click Add parameter, and then in the Parameter field, enter: hash

    13. In the Value field, enter: {param1}

    14. Click Add parameter, and then in the Parameter field, enter: cid

      Leave the Value field for the cid parameter empty.
      The following figure shows the activity mapping for the getEmailImgByHash URL alias:
      The settings for the getEmailImgByHash activity mapping
      The GetEmailImgByHash activity mapping with three
                                        parameters.
    15. Click Finish.

      The list in the Cases section displays the getEmailImgByHash URL mapping.
  6. Define the getEmailImagByCID URL alias:

    1. In the Cases section, click Add URL alias.

    2. In the Define URL Mapping window, in the Identifier field, enter: GetEmailImgByCID

    3. Clear the Map path elements for URL generation check box.

    4. In the list in the Path element type column, select Constant, and then in the field in the Value column, enter: getEmailImgByCID

    5. Click Add path element, and then in list the second row in the Path element type column, select Parameter.

      The field in the Value column in the second row displays {param1}.
    6. Click Add path element, and then in list the third row in the Path element type column, select Parameter.

      The field in the Value column in the third row displays {param2}.
    7. Click Next.

      The following figure shows the URL mapping settings for the getEmailImgByCID URL alias:
      The settings for the new getEmailImgByCID URL mapping
      The GetEmailImgByCID URL mapping with three
                                        parameters.
    8. In the Define processing activity window, in the Class field, enter: Work-Channel-Triage

    9. In the Activity field, enter: pyGetImageForDisplay

      The system displays three rows in the Parameter column for the pyID, hash, and cid parameters.
    10. In the row for the pyID parameter, in the Value field, enter: {param2}

      Leave the Value field for the hash parameter empty.
    11. In the row for the cid parameter, in the Value field, enter: {param1}

      The following figure shows the activity mapping for the getEmailImgByCID URL alias:
      The settings for the getEmailImgByCID activity mapping
      The GetEmailImgByCID activity mapping with three
                                        parameters.
    12. Click Finish.

      The list in the Cases section displays the getEmailImgByCID URL mapping.
  7. Save your changes by performing one of the following actions:

    • To save the rule that belongs to a locked ruleset to an isolated sandbox in order to test your changes, click Private edit.

      For more information, see Performing a private edit.

    • To save the rule to a ruleset, click Save as.
  8. Switch back to App Studio.

The following figure shows the getEmailImgByHash and getEmailImgByCID URL aliases that you defined for the pyDefault URL mappings rule:
The pyDefault URL mappings rule definitions
New definitions in the pyDefault URL mappings rule in the Cases
                        section
Did you find this content helpful?

Have a question? Get answers now.

Visit the Collaboration Center to ask questions, engage in discussions, share ideas, and help others.