Article - CS133284
Error messages with Status Code: 500 are not properly handled in FlexPLM 10.1
Modified: 05-Sep-2023
Applies To
- FlexPLM 10.1 M010
Description
- Need better error handling when XSS filtering is enabled
- Searching for Flex objects shows an error message on screen when XSS filtering is enabled for HTML special characters
- Status Code: 500
Exception: java.lang.RuntimeException: com.ptc.netmarkets.model.NmException: HTML tags are not allowed to be used as input. There is a security risk that it contains a malicious script.
at com.ptc.core.components.util.XSSFilter$XSSFilteredRequest.checkParameterMap(XSSFilter.java:399)
at com.ptc.core.components.util.XSSFilter$XSSFilteredRequest.getParameterMap(XSSFilter.java:340)
at org.apache.catalina.core.ApplicationHttpRequest.parseParameters(ApplicationHttpRequest.java:755)
at org.apache.catalina.core.ApplicationHttpRequest.getParameter(ApplicationHttpRequest.java:367)
at org.apache.jsp.rfa.jsp.exception.ControlException_jsp._jspService(ControlException_jsp.java:147)
at org.apache.jasper.runtime.HttpJspBase.service(HttpJspBase.java:70)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:722)
at org.apache.jasper.servlet.JspServletWrapper.service(JspServletWrapper.java:432)
at org.apache.jasper.servlet
This is a printer-friendly version of Article 133284 and may be out of date. For the latest version click CS133284