Thank you for supporting the Cloud Customer Connect Community in 2024. It's a gift to work with you!

Look back
You're almost there! Please answer a few more questions for access to the Applications content. Complete registration
Interested in joining? Complete your registration by providing Areas of Interest here. Register

How to encrypt payload being sent during Action Chain events?

in Visual Builder 10 comments

Summary:

During an actual page load, you can see these request/response values being exchanged between browser and VBCS App. How to encrypt the payload passed during Action Chain Events?

Content (please ensure you mask any confidential information):

During Action Chain, we progressively use data entered on the page to get further info from the system to either pull data from Business Objects or to fire a OIC/Oracle SaaS REST API. During an actual page load, you can see these request/response values being exchanged between browser and VBCS App.

This opens up a grave security flaw for us wherein a malicious actor may use the current session to change parameters in the payloads being sent for getting data from Business Objects or those being sent to OIC Integration to alter the normal flow of the VBCS App, and gain access to data/files.

Tagged:

Howdy, Stranger!

Log In

To view full details, sign in.

Register

Don't have an account? Click here to get started!