Service Manager / Service Center Practitioners Forum
cancel
Showing results for 
Search instead for 
Did you mean: 

invalid query hash in URL - may be a cracking attempt

SOLVED
Go to solution
Highlighted
dejski2
Member

invalid query hash in URL - may be a cracking attempt

Hello

In SC help there is this example:
Example: Sending Web tier URLs through e-mail notifications
and I have treid make it.
In eventout has been created record with such url:
http://saturn:8080/sc620/index.do?ctx=docEngine&file=incidents&query=incident.id=%22CALL1002%22&queryHash=68e70a88&action=&title=Call%20CALL1002

but SC web client make error:
Error: invalid query hash in URL - may be a cracking attempt

What is problem?

Best regards

Darek
10 REPLIES
mdonatucci
Honored Contributor
Solution

Re: invalid query hash in URL - may be a cracking attempt

I had the same question last week! Here's the answer:

In the web.xml on the web server you need to find the SC Host and SC Port paramters and insert the following under them



sc.querysecurity

false


dejski2
Member

Re: invalid query hash in URL - may be a cracking attempt

Its works!

Thank you.
Michaela P.
Collector

Re: invalid query hash in URL - may be a cracking attempt

Hi,

Does anybody of you know an equivalent of SC's parameter sc.querysecurity in SM? I tried querysecurity, but it still gives me the error mentioned above.

Thanks a lot!
Michaela
Spyros Antoniou
Regular Collector

Re: invalid query hash in URL - may be a cracking attempt

Hello..
I was also trying to find the solution, and in SM it is easier since inside the web.xml file, usually under program files\Apache Software Foundation\Tomcat 5.0\webapps\sm7\WEB-INF editing it there is the following section:


querySecurity
true


...
If you set this parameter to false then the error will be bypassed and the web page will be displayed.

regards

Spyros
hge
Member

Re: invalid query hash in URL - may be a cracking attempt

Hi,
we escalated this problem ( SCR 39684 ) this
april and were told that this problem will be
handled in SC6.2.7, release date unknown.

regards hge


Jacob Heubner
Honored Contributor

Re: invalid query hash in URL - may be a cracking attempt

hge... do you know how to assign points when people answer your questions?
hge
Member

Re: invalid query hash in URL - may be a cracking attempt

Hi Jacob,
wrong again,

you should read precisely.

regards hge
Tu Zeng-Ying
Regular Collector

Re: invalid query hash in URL - may be a cracking attempt

Hi,

If I don't want to input username and password when access the url, do you have some suggestions.

Thanks a lot.

Andrew tu
MarkYates
Acclaimed Contributor

Re: invalid query hash in URL - may be a cracking attempt

Can you show me an example how it should look in the web.xml

german-st
Super Collector

Re: invalid query hash in URL - may be a cracking attempt

Hello.

 

Make changes to web.xml. When trying to open interaction with id=SD4399 (http://serversm:8080/sm/index.do?ctx=docEngine&file=incidents&query=incident.id=%22SD4399%22), get on the search interactions form . What is wrong? Thank you.

//Add this to "OnDomLoad" event