0
Posted Jun 05 by amit jain.

We are trying to use view action of Actionservice.execute method, but facing issues of header manipulation while files having special character in filename.

Version Details:

CS: 7.2
Webtop: 6.8

Please suggest.

Error Message Details below:

WARN IntrusionDetector:449 - [SECURITY FAILURE Anonymous:null@unknown -> /webtop/IntrusionDetector] Invalid input: context=HTTP header value: Header Manipulation: HttpTransportManager, type(HTTPHeaderValue)=^[a-zA-Z0-9()-=*.\?;,+\/:&_ ]$, input=%23Doc.pdf
org.owasp.esapi.errors.ValidationException: HTTP header value: Header Manipulation: HttpTransportManager: Invalid input. Please conform to regex ^[a-zA-Z0-9()-=*.\?;,+\/:&_ ]
$ with a maximum length of 1024

    at org.owasp.esapi.reference.validation.StringValidationRule.checkWhitelist(StringValidationRule.java:144)
    at org.owasp.esapi.reference.validation.StringValidationRule.checkWhitelist(StringValidationRule.java:160)
    at org.owasp.esapi.reference.validation.StringValidationRule.getValid(StringValidationRule.java:284)
    at org.owasp.esapi.reference.DefaultValidator.getValidInput(DefaultValidator.java:214)
    at org.owasp.esapi.reference.DefaultValidator.getValidInput(DefaultValidator.java:185)
    at com.documentum.web.security.validators.WDKESAPIValidator.getValidHeader(WDKESAPIValidator.java:368)
    at com.documentum.web.contentxfer.http.HttpTransportManager.getContentDispositionValue(HttpTransportManager.java:655)
    at com.documentum.web.contentxfer.http.HttpTransportManager.sendOutgoing(HttpTransportManager.java:319)
    at com.documentum.web.contentxfer.http.HttpTransportManager.sendOutgoing(HttpTransportManager.java:282)

 You have subscribed and will receive email notifications of updates to this topic. To unsubscribe, uncheck the checkbox.

Statistics

Related categories

Related tags

Your answer

To leave an answer, please sign in.