IBM Support

PH29096: ENTERING AN INVALID URL REVEALS A STACK TRACE ERROR TO THE USER

Subscribe to this APAR

By subscribing, you receive periodic emails alerting you to the status of the APAR, along with a link to the fix after it becomes available. You can track this item individually or track all items by product.

Notify me when this APAR changes.

Notify me when an APAR for this component changes.

 

APAR status

  • Closed as program error.

Error description

  • In the Standard UI, when an invalid URL is entered after
    modifying the query parameters in the URL, an
    error message is thrown with a full stack trace.
    
    APAR was previously logged for similar error but with a
    different attacking method - PI99301
    
    Workaround:
    
    none
    
    
    Prerequisites:
    
    OP 8.1.0.1 installed
    
    Steps to Reproduce:
    
    1.     Open any supported browser and log into OpenPages
    Standard UI.
    2.     From the menu, open the Filtered List view of any Object.
    3.     Now modify the URL loaded in the browser by adding random
    text between the following in the URL ?
     ?view.object.do? > ?view.asdfsdfobject.do?
    ?ctxtId=114&viewId=727? > ?ctxtId=114asdf&viewId=727?
    4.     Hit enter and you will see an error with stack trace of
    the application.
    
    
    
    Expected Results:
    
    System should not reveal error stack trace.
    
    Actual Results:
    
                System reveals error stack trace.
    
    Error Message:
    
    n/a
    

Local fix

Problem summary

  • ****************************************************************
    * USERS AFFECTED:                                              *
    * OpenPages Users                                              *
    ****************************************************************
    * PROBLEM DESCRIPTION:                                         *
    * ENTERING AN INVALID URL REVEALS A STACK TRACE ERROR TO THE   *
    * USER                                                         *
    ****************************************************************
    * RECOMMENDATION:                                              *
    * Customers should download OpenPages with Watson 8.2 Fix Pack *
    * 2 (8.2.0.2). See the following document for details on       *
    * obtaining OpenPages 8.2.0.2:                                 *
    * https://www.ibm.com/support/pages/openpages-watson-82-fix-pa *
    * ck-2                                                         *
    ****************************************************************
    

Problem conclusion

Temporary fix

Comments

APAR Information

  • APAR number

    PH29096

  • Reported component name

    OPENPAGES GRC

  • Reported component ID

    5725D5100

  • Reported release

    810

  • Status

    CLOSED PER

  • PE

    NoPE

  • HIPER

    NoHIPER

  • Special Attention

    NoSpecatt / Xsystem

  • Submitted date

    2020-09-02

  • Closed date

    2021-03-26

  • Last modified date

    2021-03-26

  • APAR is sysrouted FROM one or more of the following:

  • APAR is sysrouted TO one or more of the following:

Fix information

  • Fixed component name

    OPENPAGES GRC

  • Fixed component ID

    5725D5100

Applicable component levels

[{"Line of Business":{"code":"LOB10","label":"Data and AI"},"Business Unit":{"code":"BU059","label":"IBM Software w\/o TPS"},"Product":{"code":"SSFUEU","label":"IBM OpenPages with Watson"},"Platform":[{"code":"PF025","label":"Platform Independent"}],"Version":"810"}]

Document Information

Modified date:
27 March 2021