My Oracle Support Banner

Punchout Using Internet Explorer 8.0 Erroring With XSS Switching Security Error (Doc ID 1086507.1)

Last updated on JANUARY 03, 2023

Applies to:

Oracle iProcurement - Version 11.5.10 and later
Information in this document applies to any platform.

Symptoms

In Oracle iProcurement, Release 11.5.10, punch out to a supplier site using the web browser Internet Explorer 8.0 is not functioning correctly when submitting the requisition.

The first Security Warning is "The current webpage is trying to open a site in your Trusted sites list. Do you want to allow this?"





After clicking the "Yes" button, a blank page appears with the following IE security message: "Internet Explorer has modified this page to help prevent cross-site scripting.  Click here for more information...".



 
When clicking on the message, the following window appears: "How does Internet Explorer help protect me from cross-site scripting attacks?"





The issue can be reproduced at will with the following steps:

1. Sign on to Oracle E-Business Suite.
2. Select Responsibility: iProcurement
3. Navigation: iProcurement Home Page
4. Select punch out to the supplier.
5. Select items and Add to Cart.
6. Proceed to checkout.
7. Submit the order.
8. The error messages and windows mentioned above appear.
9. At this point, the punch out session is done; the user cannot return to the shopping cart and complete the purchase. However, when the user logs back into iProcurement, the shopping cart with the order details is visible, and the user can proceed to complete the checkout process.


Cause

To view full details, sign in with your My Oracle Support account.

Don't have a My Oracle Support account? Click to get started!


In this Document
Symptoms
Cause
Solution


My Oracle Support provides customers with access to over a million knowledge articles and a vibrant support community of peers and Oracle experts.