IBM Support

SDK - The XSS configuration property can be used only if CAF is enabled

Troubleshooting


Problem

XSS = Cross-Site Scripting prevention. Users receive error messages in Browser from Gateway when URL's are being used with IBM Cognos BI. This only occurs when using SiteMinder with cross-site scripting enabled.

Symptom

Browser:

403: Access Forbidden

Due to the presence of characters known to be used in Cross Site Scripting attacks, access is forbidden. This web site does not allow Urls which might include embedded HTML tags.

In the cogserver.log file...

CM-REQ-4158 The search path "XSSSTARTCAMID(*22Cognos*20Series*207*22)XSSEND" is invalid.
CM-REQ-4084 A search path node test contains an invalid character '40'.

[{"Product":{"code":"SSEP7J","label":"Cognos Business Intelligence"},"Business Unit":{"code":"BU048","label":"IBM Software"},"Component":"Software Development Kit","Platform":[{"code":"PF002","label":"AIX"},{"code":"PF010","label":"HP-UX"},{"code":"PF016","label":"Linux"},{"code":"PF027","label":"Solaris"},{"code":"PF033","label":"Windows"}],"Version":"10.2;10.2.1;10.2.1.1;10.2.2","Edition":"Edition Independent","Line of Business":{"code":"LOB76","label":"Data Platform"}},{"Product":{"code":"SSEP7J","label":"Cognos Business Intelligence"},"Business Unit":{"code":"BU048","label":"IBM Software"},"Component":"Software Development Kit","Platform":[{"code":"","label":""}],"Version":"","Edition":"","Line of Business":{"code":"LOB76","label":"Data Platform"}},{"Product":{"code":"SS6G84","label":"IBM Cognos Analytics on Cloud"},"Business Unit":{"code":"BU048","label":"IBM Software"},"Component":" ","Platform":[{"code":"","label":""}],"Version":"","Edition":"","Line of Business":{"code":"LOB76","label":"Data Platform"}}]

Log InLog in to view more of this document

This document has the abstract of a technical article that is available to authorized users once you have logged on. Please use Log in button above to access the full document. After log in, if you do not have the right authorization for this document, there will be instructions on what to do next.

Historical Number

1014260

Document Information

Modified date:
30 April 2025

UID

swg21339001

Page Feedback