IBM Support

PH02192: TWAS OIDC RP EXTRA <BR/> TAG ADDED IN SAVED POST BODY

Subscribe

You can track all active APARs for this component.

 

APAR status

  • Closed as program error.

Error description

  • When a POST body with newline fields is saved by the tWAS
    OpenId Connect (OIDC) Relying Party (RP), an extra <br/> tag is
    added to the saved data.
    

Local fix

  • N/A
    

Problem summary

  • ****************************************************************
    * USERS AFFECTED:  IBM WebSphere Application Server and        *
    *                  OpenID Connect Relying Party                *
    ****************************************************************
    * PROBLEM DESCRIPTION: The OIDC TAI always transforms          *
    *                      newlines in POST data to <br>           *
    ****************************************************************
    * RECOMMENDATION:  Install a fix pack or interim fix that      *
    *                  contains this APAR.                         *
    ****************************************************************
    After successful authentication, the OpenID Connect (OIDC)
    Relying Party (RP) Trust Association Interceptor (TAI) always
    encodes the HTTP post data before redirecting to the
    target URL.  New line characters are always being
    transformed into <br> tags. Application developers may require
    that the new line characters remain in the POST parameters.
    

Problem conclusion

  • The following OIDC TAI custom property is added:
    provider_<id>.encodeNewline, default=true
    
    When encodeNewline is set to false, the new line characters
    that exist in POST data will not be transformed into
    encoded <br> tags.
    
    The OIDC TAI is also updated so that, when it encodes the
    POST data, instead of replacing a new line with a <br>
    tag, it replaces with the encoded form of the tag, &lt;br;&gt;
    
    The fix for this APAR is currently targeted for inclusion in
    fix pack 8.5.5.15 and 9.0.0.11.  Please refer to the
    Recommended Updates page for delivery information:
    http://www.ibm.com/support/docview.wss?rs=180&uid=swg27004980
    

Temporary fix

Comments

APAR Information

  • APAR number

    PH02192

  • Reported component name

    WEBS APP SERV N

  • Reported component ID

    5724H8800

  • Reported release

    850

  • Status

    CLOSED PER

  • PE

    NoPE

  • HIPER

    NoHIPER

  • Special Attention

    NoSpecatt / Xsystem

  • Submitted date

    2018-08-27

  • Closed date

    2018-11-06

  • Last modified date

    2018-11-06

  • APAR is sysrouted FROM one or more of the following:

  • APAR is sysrouted TO one or more of the following:

Fix information

  • Fixed component name

    WEBS APP SERV N

  • Fixed component ID

    5724H8800

Applicable component levels

  • R850 PSY

       UP

  • R900 PSY

       UP

[{"Business Unit":{"code":"BU053","label":"Cloud \u0026 Data Platform"},"Product":{"code":"SSEQTP","label":"WebSphere Application Server"},"Platform":[{"code":"PF025","label":"Platform Independent"}],"Version":"850","Line of Business":{"code":"LOB36","label":"IBM Automation"}}]

Document Information

Modified date:
15 October 2021