The Oracle Commerce installation provides a servlet pipeline that is invoked each time an Oracle Commerce server handles a request. The Dynamo Server Admin also has its own servlet pipeline, which starts with the servlet /atg/dynamo/servlet/adminpipeline/AdminHandler. You can construct pipelines used by your own applications, or you can customize existing Oracle Commerce server pipelines.
For more information, see the Customizing a Request-Handling Pipeline section of the Platform Programming Guide.
Basic HTTP Authentication
The BasicAuthenticationPipelineServlet class provides authentication using the Basic HTTP authentication mechanism. A component for this servlet is not included in the standard servlet pipelines, but the class is available for use in servlet pipelines that you create in your own applications. Because Basic authentication sends the credentials with every request in an encoding that is trivially decoded, it is recommended that you use it only over HTTPS.
For more information, see Authentication in the Platform Programming Guide.
Request Parameter Validation
The Oracle Commerce Platform provides mechanisms for validating request parameters to protect against cross-site attacks. For example, it can be configured to reject a request with a parameter value that contains a <script> tag, because this tag could be used to inject malicious JavaScript code.
Separate mechanisms are required for validating query parameters (which are part of the request URL) and POST parameters (which are part of the body of the request). For more information, see the Validating Request Parameters to Prevent Cross-Site Attacks chapter of the Platform Programming Guide.
Restricting URL Forwarding
When an HTTP request occurs, some applications execute a forward action that includes information from that request. The atg/dynamo/Configuration component sets inclusion or exclusion filters that are called from the ServletUtil checkFowardAllowed method. By default, the META-INF and WEB-INF paths are excluded, so that a forward whose target URL is taken from a request cannot reach those paths.
You can use the forward properties of the Configuration component to modify the forwarded URLs that come from unknown or “unsafe” requests. Use the forwardExclusion or forwardInclusion properties to identify path forwards that should be prevented or allowed.
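As an added illustration (not Oracle Commerce's own ServletUtil or Configuration code), the following Python sketches the exclusion/inclusion check described above, together with the path canonicalisation such a filter needs before it compares prefixes. The list format, the exclusion-beats-inclusion precedence and all names are assumptions for this example.

```python
from urllib.parse import unquote
import posixpath

# Constructed defaults mirroring the documented behaviour (META-INF and WEB-INF
# excluded). Assumed names and format; not ATG's own forwardExclusion values.
DEFAULT_EXCLUSIONS = ("/META-INF", "/WEB-INF")


def normalize_forward_path(raw: str) -> str:
    """Canonicalise a forward target before filtering.

    Resolves percent-encoding (including double encoding), backslash separators,
    query strings/fragments and ".." segments, so that a target such as
    "/images/../WEB-INF/web.xml" cannot slip past a naive prefix comparison.
    """
    path = raw
    for _ in range(3):  # bounded decode loop: %252F -> %2F -> /
        decoded = unquote(path)
        if decoded == path:
            break
        path = decoded
    path = path.split("?", 1)[0].split("#", 1)[0]
    path = path.replace("\\", "/")
    if not path.startswith("/"):
        path = "/" + path
    path = posixpath.normpath(path)  # collapses "." and ".." segments
    while path.startswith("//"):     # normpath keeps a leading "//"
        path = path[1:]
    return path


def _under(path: str, prefix: str) -> bool:
    """True if path is prefix itself or lies beneath it (case-insensitive)."""
    p = prefix.lower().rstrip("/")
    low = path.lower()
    return low == p or low.startswith(p + "/")


def forward_allowed(raw_target, exclusions=DEFAULT_EXCLUSIONS, inclusions=None):
    """Assumed precedence: an exclusion match always denies; an inclusion list,
    when given, is an allow-list; otherwise anything not excluded passes."""
    path = normalize_forward_path(raw_target)
    if any(_under(path, x) for x in exclusions):
        return False
    if inclusions is not None:
        return any(_under(path, i) for i in inclusions)
    return True
```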
Preventing User Interface Redress Attacks (Clickjacking)
A user interface redress attack (often referred to as clickjacking) is an attack in which a user is tricked into executing malicious code by clicking an apparently innocuous link or button on a web site. For example, a button might carry a hidden script that executes when the button is clicked and transmits personal information about the user.
To protect against clickjacking, the DynamoHandler servlet in the request-handling pipeline can add Content Security Policy or X-Frame-Options fields to HTTP response headers. Inclusion of these fields prevents site pages from being rendered in frames or iframes, thus ensuring that these pages are not embedded in the pages of another site. For more information, see the entry for DynamoHandler in Appendix C: Request Handling Pipeline Servlets Reference of the Platform Programming Guide.
Browser Caching of Dynamic Pages
Some browsers handle page caching in a way that conflicts with dynamic page requests. Oracle Commerce’s browser typer marks page requests from those browsers as non-cacheable to override the aggressive caching behavior of some browsers and proxy servers. This approach also helps avoid the security exposure that arises when proxy servers cache dynamic content.
For more information on preventing browsers from caching dynamic pages, see the BrowserTyper section of the Platform Programming Guide.