-
Title
Unable to open or create a new CSR in Stat 7.0 -
Description
After upgrading to Stat 7.0, the Stat client cannot open or create a new CSR, raising the ckeditors error for the Description/Resolution fields.
-
Cause
With the WildFly 34 update, we also had to update our CSRF protection related libraries. These new libraries by default block all requests from browsers which use internet explorer engine (a security related restriction).
That's why CKEditor-related requests, which were being made by the Windows client to our SCA, were getting denied since the Windows client internally uses the Internet Explorer engine.
-
Resolution
Solution:
It has been created STAT-6329 to enable the Internet Explorer engine requests for future releases by default. Meanwhile, the above will be fixed and included in any Stat 7.0 HF, Apply the workaround below:
1. Download the file custom.stat.csrf.properties attached and put it under SCA_HOME\app\standalone\configuration
2. Make sure the stat.ini has the parameter RemoteWebControl=yes
3. In the SCA machine, edit the standalone.conf.bat, adding in the JAVA_OPTS argument below:-Dstat.csrf.config=<full_path_to_custom.stat.csrf.properties>
4. Bounce the SCA.
-
Attachments