invalid query hash in URL - may be a cracking attempt (1492 Views)
Reply
Valued Contributor
Posts: 71
Registered: ‎10-24-2007
Message 1 of 11 (1,492 Views)
Accepted Solution

invalid query hash in URL - may be a cracking attempt

Hello

In SC help there is this example:
Example: Sending Web tier URLs through e-mail notifications
and I have treid make it.
In eventout has been created record with such url:
http://saturn:8080/sc620/index.do?ctx=docEngine&file=incidents&query=incident.id=%22CALL1002%22&queryHash=68e70a88&action=&title=Call%20CALL1002

but SC web client make error:
Error: invalid query hash in URL - may be a cracking attempt

What is problem?

Best regards

Darek
Honored Contributor
Posts: 431
Registered: ‎07-18-2006
Message 2 of 11 (1,492 Views)

Re: invalid query hash in URL - may be a cracking attempt

I had the same question last week! Here's the answer:

In the web.xml on the web server you need to find the SC Host and SC Port paramters and insert the following under them



sc.querysecurity

false


Valued Contributor
Posts: 71
Registered: ‎10-24-2007
Message 3 of 11 (1,492 Views)

Re: invalid query hash in URL - may be a cracking attempt

Its works!

Thank you.
Regular Advisor
Posts: 190
Registered: ‎05-22-2007
Message 4 of 11 (1,492 Views)

Re: invalid query hash in URL - may be a cracking attempt

Hi,

Does anybody of you know an equivalent of SC's parameter sc.querysecurity in SM? I tried querysecurity, but it still gives me the error mentioned above.

Thanks a lot!
Michaela
Frequent Advisor
Posts: 85
Registered: ‎06-23-2006
Message 5 of 11 (1,492 Views)

Re: invalid query hash in URL - may be a cracking attempt

Hello..
I was also trying to find the solution, and in SM it is easier since inside the web.xml file, usually under program files\Apache Software Foundation\Tomcat 5.0\webapps\sm7\WEB-INF editing it there is the following section:


querySecurity
true


...
If you set this parameter to false then the error will be bypassed and the web page will be displayed.

regards

Spyros
Valued Contributor
Valued Contributor
Posts: 103
Registered: ‎04-07-2008
Message 6 of 11 (1,492 Views)

Re: invalid query hash in URL - may be a cracking attempt

Hi,
we escalated this problem ( SCR 39684 ) this
april and were told that this problem will be
handled in SC6.2.7, release date unknown.

regards hge


Honored Contributor
Posts: 4,177
Registered: ‎07-21-2008
Message 7 of 11 (1,492 Views)

Re: invalid query hash in URL - may be a cracking attempt

hge... do you know how to assign points when people answer your questions?
Valued Contributor
Valued Contributor
Posts: 103
Registered: ‎04-07-2008
Message 8 of 11 (1,492 Views)

Re: invalid query hash in URL - may be a cracking attempt

Hi Jacob,
wrong again,

you should read precisely.

regards hge
Frequent Advisor
Posts: 86
Registered: ‎09-11-2008
Message 9 of 11 (1,492 Views)

Re: invalid query hash in URL - may be a cracking attempt

Hi,

If I don't want to input username and password when access the url, do you have some suggestions.

Thanks a lot.

Andrew tu
Occasional Visitor
Posts: 1
Registered: ‎04-08-2013
Message 10 of 11 (966 Views)

Re: invalid query hash in URL - may be a cracking attempt

Can you show me an example how it should look in the web.xml

Advisor
Posts: 15
Registered: ‎07-25-2011
Message 11 of 11 (955 Views)

Re: invalid query hash in URL - may be a cracking attempt

[ Edited ]

Hello.

 

Make changes to web.xml. When trying to open interaction with id=SD4399 (http://serversm:8080/sm/index.do?ctx=docEngine&file=incidents&query=incident.id=%22SD4399%22), get on the search interactions form . What is wrong? Thank you.

The opinions expressed above are the personal opinions of the authors, not of HP. By using this site, you accept the Terms of Use and Rules of Participation.