000016963 - AxM Agent 4.9 for IIS 7.5: ACTSESSION cookie does not encode special characters

Document created by RSA Customer Support Employee on Jun 14, 2016Last modified by RSA Customer Support Employee on Apr 21, 2017
Version 2Show Document
  • View in full screen mode

Article Content

Article Number000016963
IssueAxM Agent 4.9 for IIS 7.5: ACTSESSION cookie does not encode special characters

ACTSESSION does not retain the escaped characters, it instead decrypts them and sends back non-escaped characters, so what comes out of ACTSESSION does not include the escaped characters 

 

So when for example, actsession contains the following value:

 

aHR0cDovL215aG9zdC5teWRvbWFpbi5jb206ODAvd3Nfc20vdGVzdC5hc3AlM2ZWaWV3JTNkUmVwb3J0JTI2cmVwb3J0SWQlM2Q1MjI3JTI2bW9kdWxlSWQlM2Q0MTg=

 

This decrypts to:

 

 

http://myhost.mydomain.com:80/ws_sm/test.asp?View=Report&reportId=5227&moduleId=418

 

instead of what was originally browsed to, in this example: 

 

http://myhost.mydomain.com:80/ws_sm/test.asp%3fView%3dReport%26reportId%3d5227%26moduleId%3d418

 

 

...the escaped characters in the original url are not being retained but instead converted.

 

CauseThis is defective functionality in the AxM agent
ResolutionThis behavior is corrected in the 5.0 agent for AxM.  Please contact customer support to obtain 5.0.0.1 for AxM agent 5.0.
Legacy Article IDa61674

Attachments

    Outcomes