Secure Oracle E-Business Suite 12.2 with Allowed Redirects

A redirect, typically an HTTP response with status code "302 Found", is a common method for sending a browser to a different URL. Client redirects are a potential attack vector. The Oracle E-Business Suite 12.2.4+ Allowed Redirects feature allows you to define a whitelist of allowed redirects for your Oracle E-Business Suite 12.2 environment. Allowed Redirects is enabled by default with Oracle E-Business Suite 12.2.6.

When the Allowed Redirects feature is enabled, redirects to sites that are not configured in your whitelist are not allowed. This feature provides defense against unknown and potentially damaging sites. This is an example of an attack that the Allowed Redirects feature will prevent if properly configured:

Your users will see an error message if a redirect is blocked by Allowed Redirects:

Note: Allowed Redirects will only block navigation to sites that happens via client redirects. It is not intended to prevent other methods of accessing external sites.
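To make the whitelist idea concrete, here is an added example (not Oracle's implementation and not the E-Business Suite configuration syntax) of checking a redirect's `Location` value against an allowlist before following it. The host names, the suffix entry and the function name are constructed assumptions.

```python
from urllib.parse import urlsplit

# Constructed allowlist (assumed format): exact hosts plus one domain suffix.
ALLOWED_HOSTS = {"ebs.example.com", "sso.example.com"}
ALLOWED_SUFFIXES = (".partner.example.net",)


def redirect_allowed(location: str) -> bool:
    """Return True if a 302 Location value stays on-site or hits the allowlist."""
    # Browsers normalise backslashes, whitespace and control characters in
    # ways a server-side parser may not, so refuse them instead of guessing.
    if not location or "\\" in location:
        return False
    if any(ord(c) <= 0x20 or ord(c) == 0x7F for c in location):
        return False
    try:
        parts = urlsplit(location)
        host = parts.hostname  # lower-cased, userinfo and port removed
    except ValueError:  # e.g. malformed IPv6 literal
        return False
    if not parts.scheme and not parts.netloc:
        # Relative reference: same site. "///host" parses with an empty
        # netloc here but browsers still treat it as another host.
        return not location.startswith("//")
    if parts.scheme and parts.scheme != "https":
        return False  # rejects http:, javascript:, data:, ...
    if not host:
        return False  # "https:host" has a scheme but no authority
    # Compare the parsed host, never a substring of the raw URL, so that
    # "https://ebs.example.com@other.example/" is judged by "other.example".
    return host in ALLOWED_HOSTS or host.endswith(ALLOWED_SUFFIXES)


def blocked(locations):
    """Return the Location values that would be refused."""
    return [loc for loc in locations if not redirect_allowed(loc)]


# Constructed sample Location headers.
SAMPLES = [
    "/app/home",
    "https://sso.example.com/login?next=1",
    "//docs.partner.example.net/guide",
    "https://unknown.example/",
    "https://ebs.example.com@unknown.example/",
    "///unknown.example/",
]

if __name__ == "__main__":
    for loc in blocked(SAMPLES):
        print("blocked:", loc)
```

As with the feature described above, a check like this only governs redirects; it does nothing about links a user follows by other means.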

Where can I learn more?
