My Oracle Support Banner

APPLICATION LINK SHOWS INTERNAL SOURCE CODE (Doc ID 1682206.1)

Last updated on NOVEMBER 10, 2019

Applies to:

Oracle Financial Services Analytical Applications Infrastructure - Version 7.3.2 and later
Information in this document applies to any platform.

Symptoms

BASEL 6.0 is installed on OFSAAI 7.3.2.0.0. Application allows to directly access below mentioned link and when this link is accessed internal code is displayed.:-
https://10.1.30.198:7002/OFSAAI/auth/script/Base64_Extended.js

 

1. Problem is with the Login link or with only above mentioned link ?
Ans:- Issue is only with mentioned link. Application allows direct access to mentioned link.It should not have allowed this to happen.
2.Are you able to access the Login page and able to access the application ?
Ans:- We are able to access the application and perform required activities like batch run etc without any problem
3. Let us know that the whether while accessing the login page it is redirecting to the link "https://10.1.30.198:7002/OFSAAI/auth/script/Base64_Extended.js" ?
Ans:- We are not being redirected to mentioned link from login page.This issue was observed as a part of "Security Testing".
4. Let us know the use case to access the mentioned link directly "https://10.1.30.198:7002/OFSAAI/auth/script/Base64_Extended.js" ?
Ans:- This is a part of "Security Testing".
5. With the prima facie investigation this could be an issue with the server side configuration because we have tried to simulate the issue but the same is not simulating in support
environment.
Ans:- We are using below mentioned versions of application:-
OFSAAI - 7.3.2.4.1
BASEL - 6.0

 

Cause

To view full details, sign in with your My Oracle Support account.

Don't have a My Oracle Support account? Click to get started!


In this Document
Symptoms
Cause
Solution


My Oracle Support provides customers with access to over a million knowledge articles and a vibrant support community of peers and Oracle experts.