IBM Support

JR49924: URL PARAMETERS FOR DASHBOARDS IN IBM PROCESS PORTAL ARE NOT CORRECTLY ENCODED

Subscribe

You can track all active APARs for this component.

 

APAR status

  • Closed as program error.

Error description

  • In IBM Process Portal, when you click a dashboard tab, an HTTP
    request is generated with a parameter that contains a URL for
    the target dashboard. The URL includes double slashes (starts
    with https://).  Because slashes are reserved characters
    according to RFC 3986, network intermediaries may block or alter
     the request.
    
    PRODUCTS AFFECTED:
    IBM Business Process Manager (BPM) Advanced
    IBM BPM Standard
    IBM BPM Express
    

Local fix

Problem summary

  • Double slashes in dashboard URL parameters in HTTP requests are
    not correctly encoded (according to RFC 3986, an Internet
    standard) before the request is sent.  A network intermediary in
     the path between the client workstation and the IBM BPM server,
     such as a load balancer or single sign-on provider, may block
    or alter the request in transit, if it is strictly enforcing RFC
     3986.
    

Problem conclusion

  • A fix is available for IBM BPM V8.5.0.1 that properly encodes
    the double slashes in dashboard URL parameters before sending
    the request to the IBM BPM server.
    
    On Fix Central (http://www.ibm.com/support/fixcentral), search
    for JR49924:
    
    1. Select IBM Business Process Manager with your edition from
    the product selector, the installed version to the fix pack
    level, and your platform, and then click Continue.
    2. Select APAR or SPR, enter JR49924, and click Continue.
    
    When you download fix packages, ensure that you also download
    the readme file for each fix. Review each readme file for
    additional installation instructions and information about the
    fix.
    

Temporary fix

  • Not applicable
    

Comments

APAR Information

  • APAR number

    JR49924

  • Reported component name

    BPM STANDARD

  • Reported component ID

    5725C9500

  • Reported release

    850

  • Status

    CLOSED PER

  • PE

    NoPE

  • HIPER

    NoHIPER

  • Special Attention

    NoSpecatt

  • Submitted date

    2014-04-08

  • Closed date

    2014-06-14

  • Last modified date

    2014-06-14

  • APAR is sysrouted FROM one or more of the following:

  • APAR is sysrouted TO one or more of the following:

Fix information

  • Fixed component name

    BPM STANDARD

  • Fixed component ID

    5725C9500

Applicable component levels

  • R850 PSY

       UP

[{"Business Unit":{"code":"BU053","label":"Cloud & Data Platform"},"Product":{"code":"SSFTDH","label":"IBM Business Process Manager Standard"},"Component":"","ARM Category":[],"Platform":[{"code":"PF025","label":"Platform Independent"}],"Version":"8.5","Edition":"","Line of Business":{"code":"LOB36","label":"IBM Automation"}}]

Document Information

Modified date:
14 June 2014