[AMAGENTS-42] Percent encoded hash (#) (%23) is handled incorrectly during policy evaluation - ForgeRock JIRA

Details

Type: Bug
Status: Closed
Priority: Major
Resolution: Fixed
Affects Version/s: 3.3.4, 4.0.0
Fix Version/s: 5.0.0.0, 4.1.0
Component/s: Doc, Web Agents
Labels:

Verified Version/s:

4.1.0
Sprint:
Sprint 115 Team Shakespeare
Cases:
- 11522
Support Ticket IDs:
Epic Link:
Docs: Agents 4.1.0 Release

Description

Steps to reproduce

1) Setup OpenAM with Web Agent (3.3.x or 4.0.x)
2) Add a simple all users policy to allow access to everything, e.g "http://www.example.com/*"
3) Attempt to access http://www.example.com/test%23test

Result:

Access is denied

Expected result:

Access is allowed

Adding a rule for www.example.com/test#test or # works, but this is not a good workaround because the file could include many encoded # characters and each variation of this would require it's own rule.

I think the two key points are:

In OpenAM the wildcard character stops at a literal # character (much like ?).
The Agent decodes the %23 before sending it for evaluation to OpenAM.

Attachments

Activity

People

Assignee:

Chris Lee

Reporter:

Ian Packer [X] (Inactive)

QA Assignee:

edwardb

Votes:

0 Vote for this issue

Watchers:

6 Start watching this issue

Dates

Created:

11/Mar/16 12:08 PM

Updated:

13/Apr/17 10:49 AM

Resolved:

01/Dec/16 2:38 PM