Skip to Content
Apr 05, 2016 at 09:20 AM

Portal Add to Browser Favorites - security risk?


Hi All,

If I add a portal iview/page as a browser favorite in one system, it's saved with a navigation short url in the browser favorite.

Now, if I change the portal url to another system and access the favorite, I can still get to that iview/page though the role is not assigned to me in UM.

Something like this:


It looks like a security risk to me.

Is it possible to prevent this? Short urls cannot be disabled now, because users have already been using this feature.

Any ideas/solutions/workarounds are appreciated.

Thanks in advance,