Atozed Forums Atozed Software Products IntraWeb English IntraWeb General Discussion v
303 Redirect and Response Payload

Thread Rating:
  • 0 Vote(s) - 0 Average
  • 1
  • 2
  • 3
  • 4
  • 5
Thread Modes
303 Redirect and Response Payload
ALW2019 Offline
Junior Member
**
Posts: 5
Threads: 2
Joined: Nov 2019
Reputation: 0
Location: USA
#1
03-26-2024, 02:30 PM
We are using IntraWeb 15.2.36 and have an issue where we need to be able to remove or alter the Payload in the Response Header for a 303 redirect.  During the application sign-on process the user-id and password are in the Request, but they are also being returned in the Payload of the Response header.  How can we remove or alter the Response payload in IntraWeb?

Steps for Verification:
1. Login to the application while intercepting the request through a proxy.
2. Notice that the 303 response to the login POST request contains the password in cleartext.
(See attached screen print)


Attached Files
.docx   303 Response Header.docx (Size: 460.37 KB / Downloads: 5)
Find
Reply
Alexandre Machado Offline
Administrator
*******
Posts: 2,205
Threads: 186
Joined: Mar 2018
Reputation: 79
Location: Auckland, New Zealand
#2
04-03-2024, 09:03 AM
I'll test it and get back to you.

Anyway, this version is considerably old now and lots have changed in that area due to the introduction of new features, etc.
Find
Reply
ALW2019 Offline
Junior Member
**
Posts: 5
Threads: 2
Joined: Nov 2019
Reputation: 0
Location: USA
#3
04-11-2024, 12:44 PM
Any success with your testing?
Find
Reply
ALW2019 Offline
Junior Member
**
Posts: 5
Threads: 2
Joined: Nov 2019
Reputation: 0
Location: USA
#4
04-22-2024, 01:25 PM
Hi Alexandre, do you have any update about the 303 Payload issue?
Find
Reply


Forum Jump:


Users browsing this thread: 1 Guest(s)