Support Article

Refresh-CurrentHarness sends & in parameters of pre-activity

SA-27082

Summary



A button is configured to run a activity (this activity has params) and then refresh the harness. When the button is clicked, the activity params are not being passed in the http request generated.

For example:  param if 'P1' is being past as 'ampP1;' Pega monitors semicolon in http requests for potential security attacks but a forbidden error page is send to client browser.


Error Messages



Forbidden errorr screen as below,


Steps to Reproduce




(Configure a button as above)

(First click the button we have designed)



(Then click on browser refresh button)


(Then observe in fiddler that params are wrongly passed)

Root Cause



A defect in Pegasystems’ code or rules. Browser refresh is sending & in the parameter names for activity parameters. This is because docsRecreateInfoJSON not being parsed properly.

Resolution



Apply HFix-29066

Published August 22, 2016 - Updated October 27, 2016

Have a question? Get answers now.

Visit the Collaboration Center to ask questions, engage in discussions, share ideas, and help others.