Search Results

This article documents Liferay's position regarding the Session Identifier (JSESSIONID), including how and why a new JSESSIONID is generated.  Resolution Customers doing their own security scan of the Liferay platform might have noticed that a new JSESSIONID may have been generated....

This article documents a known issue where refreshing the CAPTCHA image causes a Java NullPointerException (NPE) to be triggered. Please note that the CAPTCHA image will still be refreshed. Steps to Reproduce Start the Liferay Digital Enterprise 7.0 platform. Click the Sign In link at...

Liferay Support does not recommend or endorse specific third-party products over others. Liferay is not responsible for any instructions herein or referenced regarding these products. Any implementation of these principles is the responsibility of the subscriber. This article contains a...

This article documents an issue that has been reported by some users working on Liferay Digital Experience Platform (DXP). It is a cookies issue that has been reported, and the issue arises when using certain versions of Internet Explorer behind a two-character domain...

This article serves as a reference guide on how to use the getOriginalServletRequest function to get the default queryString when using the OSGi framework. Developers familiar with Liferay Portal 6.2 EE and now using DXP 7.0 (also 7.1, 7.2 or 7.3) will find that certain requests are now...

When deploying Liferay DXP 7.0 Fix Pack 24, 25, 26 or 27, the WeDeploy Auth Admin portlet will appear in the Control Panel. WeDeploy is currently a beta product. The addition of this portlet will have no impact or security risk.  Installing an affected fix pack will result in the...

This article is a legacy article. It applies to previous versions of the Liferay product. While the article is no longer maintained, the information may still be applicable. Security-hotfix-11-6012, which is available for Liferay Portal 6.0 EE SP2, is preventing embedded portlets from...

In Liferay Portal 6.0 EE SP2, a new Creole parser for the Wiki portlet has been implemented and changed how links are parsed. For example, previously in 6.0 EE SP1, links using single brackets like "[ ]" will redirect the user to a new Wiki page. In 6.0 EE SP2 and newer versions, links...