Thread: Data Browser blocked when optimized by Riverbed

  1. #1

    Data Browser blocked when optimized by Riverbed

    Has anyone run into Data Browser or any other part of JDE blocking or invalidating a user session because of the tag Riverbeds place in the HTML? Working with a customer that claims, based on the JDE and F5 logs, that the Riverbed X-RBT-Optimized-By tag that is inserted into the HTTP header by default of any session they optimize is preventing users from accessing the Data Browser application in JDE.

    [SEVERE][HTML88_PD920_8150][RUNTIME]***Security Alert***
    Malicious script attack has been detected. The user session will be invalidated.
    The parameter Name is:e1.service. The scripts are:ResourceCanonicalsJS"></script><script type="text/javascript" language="JavaScript" src="/jde/share/js/e1.js"></script><script>_e1URLFactory = new E1URLFactory('Servlet','/jde/','/jde/URLBuilderService.mafService?e1UserActInfo=false

    I'm trying to find out if this is simply due to a configuration setting in JDE or the F5. I see plenty of blogs talking about optimizing JDE via Riverbed and other products and none talk about needing to do anything special. Any advice available would be appreciated.

  2. #2
    Alex_Pastuhov (Senior Member; Join Date: Jul 2001; Location: Australia; Posts: 1,738)
    Incidentally, I just recently came across JDE components that look through the comms for any malicious stuff, which I found interesting. The same components do additional processing, so disabling it may cause other issues, but I believe they can be disabled.

    But no, I do not believe there are any such settings available to toggle this, so it's not a config issue. And disabling these components would probably not be a solution supported by Oracle.

    And I suspect there may be more to it than just this one header, because it does not appear to be looking for it specifically. Although admittedly it's not clear what it is exactly it's looking for, so who can say. This could actually be a case of something injecting something malicious into the comms. It's probably worth looking into this deeper.

    To get a clean supported solution, you can try logging this with Oracle and see what they can do on their side...
    Regards,
    Alexander Pastuhov
    http://www.everestsoftint.com/

  3. #3
    I just opened a ticket for a client as I'm seeing it everywhere. Oracle's not being very helpful as of yet and pointing to the same old doc id for the original "bad char" pasting. That said, I'm about 90% sure it's load balancer related, and some users reported it happening on log on. I have figured out how to recreate it with about 30% success. Let a session time out, and just try and log back in and it kicks back to login screen and throws the malicious script detected in the log. I'm assuming it's because the session cookie times out and they "switch" servers, and whatever is injected in the tag is now bad.

    I also had a user report that it happened creating a new grid format in IE 11, but I haven't been able to replicate that one at all.

  4. #4
    If Oracle isn't being helpful, is there any hope that this will get fixed any time soon?
    Hi!

  5. #5
    New Member (Join Date: Nov 2006; Location: British Columbia, Canada; Posts: 8)
    I am seeing the same items in my logs, but have not had any reports of errors or issues.
    We are not using any kind of load balancer, or even using databrowser. Way too many errors for the users to be using data browser.

    I have had a user complain about being unable to make a grid width change. I will have to try to see what happens after a timeout.
    Robert Woods
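
A triage sketch for the alerts discussed in this thread, added as an example and not code from any poster, Oracle or Riverbed: it parses the three-line Security Alert layout quoted in post #1 and counts alerts per parameter, so you can see whether they cluster on one parameter such as e1.service. The sample log is constructed (its second entry and the `formName` parameter are invented), and treating a value whose script sources are all `/jde/` paths as the application's own markup is an assumption, not documented JDE behaviour.

```python
import re
from collections import Counter

# Constructed sample in the layout quoted in post #1; the second entry is invented.
SAMPLE_LOG = """\
[SEVERE][HTML88_PD920_8150][RUNTIME]***Security Alert***
Malicious script attack has been detected. The user session will be invalidated.
The parameter Name is:e1.service. The scripts are:ResourceCanonicalsJS"></script><script type="text/javascript" language="JavaScript" src="/jde/share/js/e1.js"></script><script>_e1URLFactory = new E1URLFactory('Servlet','/jde/'
[SEVERE][HTML88_PD920_8150][RUNTIME]***Security Alert***
Malicious script attack has been detected. The user session will be invalidated.
The parameter Name is:formName. The scripts are:<script src="https://example.invalid/x.js"></script>
"""

ALERT = re.compile(r"\[SEVERE\]\[([^\]]+)\]\[RUNTIME\]\*\*\*Security Alert\*\*\*")
DETAIL = re.compile(r"The parameter Name is:(.+?)\. The scripts are:(.*)")
SRC = re.compile(r"""src\s*=\s*["']([^"']+)""", re.I)

def parse_alerts(text):
    """Return one dict per alert: bracketed tag, parameter name, flagged value."""
    alerts, tag = [], None
    for line in text.splitlines():
        header = ALERT.search(line)
        if header:
            tag = header.group(1)      # remember the tag until the detail line arrives
            continue
        detail = DETAIL.search(line)
        if detail and tag is not None:
            srcs = SRC.findall(detail.group(2))
            alerts.append({
                "tag": tag,
                "param": detail.group(1),
                "value": detail.group(2),
                # Heuristic (assumption): all script sources are site-relative /jde/ paths.
                "own_markup": bool(srcs) and all(s.startswith("/jde/") for s in srcs),
            })
            tag = None
    return alerts

def summarize(alerts):
    """Count alerts per (parameter, own_markup) pair."""
    return Counter((a["param"], a["own_markup"]) for a in alerts)

if __name__ == "__main__":
    for (param, own), n in summarize(parse_alerts(SAMPLE_LOG)).items():
        print(f"{param}: {n} alert(s), only /jde/ script sources: {own}")
```

Entries where `own_markup` is false are the ones to read by hand first.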

JDELIST is NOT affiliated with JD Edwards® & Company, Oracle or Peoplesoft. Contents of this site are neither endorsed nor approved by JD Edwards® & Company and, or Oracle.