Fixes are available
Rational ClearQuest Fix Pack 07 (7.1.2.7) for 7.1.2
Rational ClearQuest Fix Pack 03 (8.0.0.3) for 8.0
Rational ClearQuest Fix Pack 14 (7.1.2.14) for 7.1.2
Rational ClearQuest Fix Pack 11 (8.0.0.11) for 8.0
Rational ClearQuest Fix Pack 12 (8.0.0.12) for 8.0
Rational ClearQuest Fix Pack 15 (7.1.2.15) for 7.1.2
Rational ClearQuest Fix Pack 13 (8.0.0.13) for 8.0
Rational ClearQuest Fix Pack 16 (7.1.2.16) for 7.1.2
Rational ClearQuest Fix Pack 17 (7.1.2.17) for 7.1.2
Rational ClearQuest Fix Pack 14 (8.0.0.14) for 8.0
Rational ClearQuest Fix Pack 18 (7.1.2.18) for 7.1.2
Rational ClearQuest Fix Pack 15 (8.0.0.15) for 8.0
Rational ClearQuest Fix Pack 19 (7.1.2.19) for 7.1.2
Rational ClearQuest Fix Pack 16 (8.0.0.16) for 8.0
Rational ClearQuest Fix Pack 17 (8.0.0.17) for 8.0
Rational ClearQuest Fix Pack 18 (8.0.0.18) for 8.0
Rational ClearQuest Fix Pack 19 (8.0.0.19) for 8.0
Rational ClearQuest Fix Pack 20 (8.0.0.20) for 8.0
Rational ClearQuest Fix Pack 21 (8.0.0.21) for 8.0
APAR status
Closed as program error.
Error description
ClearQuest Web Error: 403: Unauthorized referrer' when clicking on 'Site web URL:' Links on a CQ Form stopped working if the owner application (web server, lotus notes, excel sheet, etc) can set the Referrer request header. An example is the 'Site web URL' in RATLC. There is a workaround of clicking the address bar and then clicking enter. Steps to reproduce: 1. Logon to Raleigh's RATLC server (currently version 7.1.2.03). 2. Open a Change Request record that is master on Lex2 (currently version 8.0.0.2). The specific record isn't important, only that it's mastered on a CQ server that has the cross frame scripting security fixes delivered in 2012A. RATLC02501859 is an example of a record that would currently display the issue. 3. Click on the configuration tab 4. Click on the 'Site Web URL' dropdown/link 5. A new tab is opened (at least on my FF11) where the remotely mastered record will be displayed. But instead of the remotely mastered record being opened, an error message is displayed: 'Error 403: Unauthorized referrer'
Local fix
Problem summary
**************************************************************** * USERS AFFECTED: * **************************************************************** * PROBLEM DESCRIPTION: * **************************************************************** * RECOMMENDATION: * **************************************************************** Links on a CQ Web forms stopped working in 7.1.2.6 and 8.0.0.2 if the owner application (web server, lotus notes, excel sheet, etc) can set the Referrer request header. Users will receive the following error: ClearQuest Web Error: 403: Unauthorized referrer" when clicking on "Site web URL:"
Problem conclusion
A fix is available in ClearQuest 7.1.2.7 and 8.0.0.3
Temporary fix
Comments
APAR Information
APAR number
PM65367
Reported component name
CLEARQUEST WIN
Reported component ID
5724G3600
Reported release
712
Status
CLOSED PER
PE
NoPE
HIPER
NoHIPER
Special Attention
NoSpecatt
Submitted date
2012-05-23
Closed date
2012-06-25
Last modified date
2012-06-25
APAR is sysrouted FROM one or more of the following:
APAR is sysrouted TO one or more of the following:
Fix information
Fixed component name
CLEARQUEST WIN
Fixed component ID
5724G3600
Applicable component levels
R712 PSN
UP
Document Information
Modified date:
25 June 2012