iStore Errors Out with "Input Contained Illegal Parameters"

(Doc ID 1302824.1)

Last updated on AUGUST 25, 2017

Applies to:

Oracle iStore - Version to 12.1.3 [Release 11.5.10 to 12.1]
Information in this document applies to any platform.


-- Problem
The error message  "Input contained illegal parameters" can be seen when attempting to provide an input which contains html tags and which can cause a cross site scripting attack to the site. For example, if a user types  "<img" as a username and submits, this will error out.

Also if a URL parameter like "ref" has a server name different to your instance, the same message will also be displayed.

If the issue is specific to the configurator then this note's solution will also resolve the issue.

-- Error

Input contained illegal parameters, please re-enter your input or contact the system administrator

-- Steps
1. Go to iStore Customer UI
2. Type some characters which includes html tags
2. provide a parameter which contains a url different to the one of your server




Sign In with your My Oracle Support account

Don't have a My Oracle Support account? Click to get started

My Oracle Support provides customers with access to over a
Million Knowledge Articles and hundreds of Community platforms