Hi,
we just stumbled over one scenario, in which we get security exceptions that are causes by update 20220328's mechanism to always send+expect a corresponding cookie from the browser side.
What is the problem scenario:
1. Chrome (Firefox works fine)
2. CC-page is started inside an IFRAME of another page (the other page might be a normal HTML page or a CC page)
Background: Chrome seems to not store cookies for pages that are started inside an IFRAME!
If you are in this scenario then switch off the new 20220328-function by configuring the corresponding filter to be not active:
Code:
<system>
...
<filterconfiguration
active="true"
classname="org.eclnt.jsfserver.util.SecurityFilterGeneral" />
...
</system>
Thanks a lot to the community member having triggered us!
We will keep you updated.
Kind regards, Björn