Why doesn’t TRIRIGA Document Manager render HTML files?

When using the IBM TRIRIGA Document Manager, View Document action, and opening an attached HTML file, the viewer window will present unreadable information, since it will not render HTML format properly. So we cannot read from HTML files in Document Manager by using the View Document option.

Document Manager is not an HTML viewer. It simply renders the data of the file as designed. The customer would need to download the file, and use a proper viewer like an internet browser, which renders HTML files properly. Allowing the HTML content to be viewed by Document Manager will allow an attacker to upload a maliciously formed HTML, allowing a large number of HTML, JavaScript, Java, and other various attacks. That is why it is working as designed, showing the HTML source.

Continue reading 

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.