Refresh-CurrentHarness sends & in parameters of pre-activity
A button is configured to run a activity (this activity has params) and then refresh the harness. When the button is clicked, the activity params are not being passed in the http request generated.
For example: param if 'P1' is being past as 'ampP1;' Pega monitors semicolon in http requests for potential security attacks but a forbidden error page is send to client browser.
Forbidden errorr screen as below,
Steps to Reproduce
(Configure a button as above)
(First click the button we have designed)
(Then click on browser refresh button)
(Then observe in fiddler that params are wrongly passed)
A defect in Pegasystems’ code or rules. Browser refresh is sending & in the parameter names for activity parameters. This is because docsRecreateInfoJSON not being parsed properly.
0% found this useful