secureURLs can not encode hash(#) string.

Article Id: 6677

Status: Published

Updated On: 14-02-2018 07:55

Legacy Id: TEC1763229

Products:

CA Single Sign On Secure Proxy Server (SiteMinder) , AXIOMATICS POLICY SERVER , CA Single Sign On SOA Security Manager (SiteMinder) , CA Single Sign-On , CA Single Sign-On

Issue/Introduction:

When setting 'yes' to SecureURLs in ACO parameter, but WebAgent can not encode hash(#) value in URL, despite other delimiter string (e.g <,>,",%) are encoded.

Cause:

This is related to Web browser specification, not CA SSO side.

The URL fragment (everything from # on) not even gets sent to the server.

They are regarded as locations within the document and are therefore not exposed to the server.

Environment:

Release:
Component: SMSSO

Resolution:

Please refer to the following additional information.

Additional Information:

Hash character in URLs (accessing and redirecting in Apache)

http://stackoverflow.com/questions/9484852/hash-character-in-urls-accessing-and-redirecting-in-apache

How does IIS URL Rewrite handle # anchor tags

http://stackoverflow.com/questions/9422734/how-does-iis-url-rewrite-handle-anchor-tags