Defect HC-8839
ResourceId is present with Search REST calls
Software
Customer case | Applies to | Corrected in |
---|---|---|
CS0196459 | V9.0.1.9 | 9.0.1.16 |
Observed behavior
Search REST calls return the resourceId which has the potential to compromise security.
Expected behavior
A means to mask or remove the resourceId from the response is needed to limit the exposure of internal server names.
Resolution
A new setting, RestParameterSetting/addResourceId with a default value 'true' is added in resources/search/runtime/config/com.ibm.commerce.search/wc-component.xml Setting this value to 'false' will prevent the resourceId from being returned.