iSupplier User Gets "Unexpected URL Parameters Have Been Detected And Will Be Ignored" at Login Prompt and wrong cancelurl value (Doc ID 2031280.1)

Last updated on SEPTEMBER 06, 2016

Applies to:

Oracle iSupplier Portal - Version 12.1.3 and later
Information in this document applies to any platform.


On : 12.1.3 version, Workflow Mailer

When attempting to respond to notification for supplier user registration the following error occurs and the

Unexpected URL parameters have been detected and will be ignored


The Debug Log shows error exception - SecurityException: Invalid parameter cancelUrl - in the sso code call

Log messages from SSO code

fnd.sso.SecureHttpRequest[$Revision: 120.10.12010000.11 $].NOICX_Sign 2 END-> No
fnd.sso.SecureHttpRequest[$Revision: 120.10.12010000.11 $].secureParse 1 REJECTED cancelUrl=http://internal.domain/OA_HTML/AppsLogin
fnd.sso.SecureHttpRequest[$Revision: 120.10.12010000.11 $].secureParse 2 END with errors
fnd.sso.SecureHttpRequest[$Revision: 120.10.12010000.11 $].verifySecurity 4 "java.lang.SecurityException: Invalid parameter cancelUrl
at oracle.apps.fnd.sso.SecureHttpRequest.secureParse(
at oracle.apps.fnd.sso.SecureHttpRequest.(
fnd.sso.SecureHttpRequest.getParameter 2 cancelUrl=
fnd.sso.SecureHttpRequest.getParameter 2 errCode=FND_SSO_PHISH_ERROR


The issue can be reproduced at will with the following steps:
1. Receive notification.
2. Click on '"Please click here to Respond".

- see login prompt with the error message shown above the login prompt




Sign In with your My Oracle Support account

Don't have a My Oracle Support account? Click to get started

My Oracle Support provides customers with access to over a
Million Knowledge Articles and hundreds of Community platforms