FormFill does not esacpe double quote filled into INPUT fields

Document ID:7011560
Creation Date:25-Dec-2012
Modified Date:03-Apr-2013
- Micro Focus Products:
  Access Manager (NAM)

Environment

Novell Access Manager 3.1.4
Novell Access Manager 3.1.4 Linux Access Gateway

Situation

Users which containing one of the following characters in their password will fail on running SSO on with the protected web server: (", $, #, &)
FormFill fails on escaping the above mentioned characters

Example:

user password: = n"vell
input field: <INPUT name='loginpass' id='loginpass' type='password'>

Loginform rewritten by FormFill: <input name="loginpass" id="loginpass" type="hidden" value="n"vell">
result: password will truncated to: "n

Resolution

This issue has been addressed to engineering and will be fixed with NAM 3.1 SP5.

© Micro Focus. Please see Terms of Use applicable to this content.