Skip to main content

Qlik

cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Not applicable
‎2011-10-25 01:10 PM

Potential cross site redirection issue?

Hi All,

I'm new to QlikView and have just setup a server instance. I'm using NTLM authentication with Authentication set to "Always" and the login address set to "Alternate Login Page (web form)".

I notice that if I supply users with a crafted URL, e.g. http://xxx.yyy.zzz/qlikview/logout.htm?login=http://www.google.com the login link on the subsequent page gets redirected to www.google.com.

Is there any way to circumvent this as it's being flagged as a security risk.

Many thanks.

310 Views
0 Likes
0 Replies