Search Results

All Results 57
ソート
Resource Type
Applicable Versions
Deployment Approach
Capability
Feature
Content Page image lost after changing site's default language
legacy
Issue After changing the default language on a site and checking content fragments that include images, the content on existing pages is not displayed anymore if we change the translation. Environment DXP 7.2 DXP 7.3...
Which is the most convenient tooling to create and build new themes?
legacy
Issue It is common among users being in doubt about which is the most suitable way to create and build new themes. Two main ways of doing this are available: Using Liferay Blade or Liferay Developer Studio, which...
Behavior change in searches for partial matches when using Elasticsearch 7
legacy
Issue The behavior for searches by a prefix on the content fields has changed. It continues working if you search by title fields. For example, if you have a content field with the "legal" word on it and you search the...
Can Multi-Factor Authentication (MFA) be set for specific roles only?
legacy
Issue We want to set up MFA for Administrators only. Is this possible with Liferay out-of-the-box? Can we target specific users to sign in using multi-factor authentication? Environment DXP 7.4 DXP 7.3 DXP 7.2  ...
URL length modification / restriction
legacy
Issue Sometimes we need to modify or restrict the length or URL Liferay generates ( for example for security custom solutions ) but Liferay has no out of the box solution for that. Environment DXP 7.2...
Internet Browsers Supported by Liferay Help Center
legacy
The Liferay Help Center has been tested with the browsers listed below. Older browsers can still be used, but newer features may not look or work as intended. We recommend that you always use the current version of a...
How to enable CSRF Token in Liferay?
legacy
Issue How to enable CSRF Token in order to prevent CSRF attacks in Liferay? Environment Liferay DXP 7.2 Resolution Liferay's p_auth token protects against CSRF and is enabled by default. Here is the main...
dtSa cookies containing special characters
legacy
Issue As dtsa cookies are detected, are these cookies URLs cause for concern? Is there any information concerning these cookies in relation to Liferay? Use Case: As Liferay generated dtSa cookies contain the...
How to configure the default timeout value to any value instead of having it capped at 500ms
legacy
Issue The default library timeout until Liferay DXP 7.2 fix pack dxp-3 is 250ms. The default library timeout since Liferay DXP 7.2 fix pack dxp-4 is 500ms.  Use Case: The user would like to be able to set/configure...
A new version file is created for each slight modifications
legacy
Issue Is it possible to change the attribute of a file version without creating a new one? Environment Liferay DXP 7.0 Resolution Document and Media Portlet is designed to create a new file version whenever a file...
Do we need gzip for images?
legacy
Issue When retrieving images from Liferay server, gzip is not enabled. Environment DXP 7.0+ Resolution As images are already compressed, using gzip on them won't provide any additional benefit, and can actually...
UserTrackerPath entries limitation in clustered environment
legacy
Issue Track user visited paths in a clustered environment. Environment Clustered environment with the following properties enabled to use Live Users and Session Tracker: live.users.enabled=true...
Adding a custom item into the journal article drop-down menu (web content drop-down menu)
legacy
Issue Within the drop-down menu for Web Content, is there a way to configure my own custom items?  The example for Document Library seen in this blog utilizes the DLDisplayContextFactory extension point. Is there...
How can the p_auth authorization token be generated?
legacy
Issue Liferay protects itself against CSRF attacks by generating the p_auth authorization token. How can this token be created? Environment DXP 7.0, 7.1, 7.2, 7.3 Resolution When "auth.token.check.enabled=true" is set in...
SessionTracker in clustered environment
legacy
Issue Session Tracker cannot be used to track visited paths among cluster nodes. Environment Clustered environment with two or more nodes. Resolution Session Tracker doesn't support tracking visited paths when...
Alerts appearing on every site, even when Distribution Scope set to a specific site
legacy
Issue When using the Alerts widget, even when the Distribution Scope for an Alert is set to a specific site, the Alert appears on every site that the user visits. Also, guest users visiting the site specified in the...
Cross Site Scripting Vulnerability report on refererPlid or other parameters
legacy
Issue During a penetration test, a Cross Site Scripting Vulnerability may be reported, indicating that you can inject a script into the refererPlid parameter or into the...
Accessing the phone camera on button click event in phone's web browser.
legacy
Issue How to access the phone camera on a button click event in the phone's web browser? Environment Liferay DXP 7.0 Liferay DXP 7.1 Liferay DXP 7.2 Resolution Liferay doesn't have any OOTB feature or configuration in...
Is it possible for Liferay to use Ruby Scripting to download a file from the Document Library?
legacy
Issue To establish a system that accepts images and allows for a review process. The images will finally be saved in a folder in the site's document library. The user wished to use a ruby script to get the images...
The HTML tags are added by the editor when editing content in the Content editor
legacy
Issue When editing content in the Content editor, the HTML tags are being added by the editor. Steps to Reproduce: 1. Login to Liferay 7.1 as Liferay Admin 2. Navigate to Control Panel -> Announcements and Alerts...
How to define the order in which multiple object actions (defined for the same trigger) will be executed?
legacy
Issue I was wondering is there a possibility to order/prioritize object actions that use the same trigger? For example, I have two object action, action1 and action2, and they are both triggered by On after add. I need to...
Is Liferay Vulnerable to CVE-2023-45960?
legacy
Issue I would like to know if Liferay is vulnerable to CVE-2023-45960?  Is Liferay affected by CVE-2023-45960? Environment Quarterly Release 2024.Q1.7 Resolution The NIST listing for CVE-2023-45960 has been withdrawn and...
Segments created in Analytics Cloud are scoped globally
legacy
Issue When Segments are created in the Analytics Cloud console under a certain property associated with a specific site, the segment shows up on all sites in the connected instance and are scoped globally. This is in...
Vulnerabilities for spring-web and spring-core
legacy
Issue Vulnerabilities remain unresolved in spring-web and spring-core, even after a fix was applied to spring-context. For spring-web: Vulnerable component: org.springframework:spring-web:5.3.39 For spring-core:...
How to have multiple Jenkins account in Liferay PaaS
legacy
Issue Is there any possibility of having multiple Jenkins accounts for the build process and deployment in the environment so that would be able to track who initiated the Jenkins build or who started the build?...
Beta Feature 'Walkthrough' Documentation Unknown
legacy
Issue There is a beta feature called 'Walkthrough' available to enable under Configuration > Site Settings > Walkthrough, but I cannot find any documentation for it.  Environment DXP 7.4 Quarterly Release Resolution...
An error should appear immediately after uploading a file of wrong extension within the size limit
legacy
Issue When trying to upload a file in blogs that is less than the specified limit with the wrong extension, it shows the progress bar for a while and then gives the error. Based on user experience, the error...
How to generate a valid Liferay SaaS/PaaS Custom SSL Certificate
legacy
Issue What are the specific requirements for a custom SSL certificate to be successfully deployed on Liferay SaaS/PaaS? Environment Liferay SaaS / PaaS Resolution Private key and certificate should be...
Is there a setting that prevents Web Content publishing if the review date is set to a past date?
legacy
Issue Providing a past date as the review date should trigger an error and block publishing Web Content Is there any configuration that would enable this? Environment Liferay DXP 7.0+ Resolution Currently this feature...
Unable to remove form records without permission to also remove form itself
legacy
Issue We're looking into giving a user the ability to remove their own form records; however we found that the owner of a forminstancerecord cannot remove the forminstancerecord unless they get the permission to remove the...
When moving a web content to another folder, the "Modified by XX" message does not display the user who moved it
legacy
Issue When moving a web content to another folder, the 'Modified by XX' message doesn't display the user who moved it, but it does record the modification time. Environment Liferay DXP 2024.Q3 Resolution The current...
Empty search lists all the message board threads
legacy
Issue We created a few message board threads in the portlet and if we run an empty string search, all threads are displayed in the search result. Environment Liferay DXP 7.0+ Resolution This is the...
Query regarding special character (~) in the URL
legacy
Issue There is a special character (~) observed in the URL when navigating to site settings. Is this special character "~" a part of the URL design pattern of the product or is this is a security concern?...
Keep-alive setting for VPN
legacy
Issue What is the default keep-alive setting for the Liferay Cloud VPN client? Environment Liferay PaaS/SaaS VPN client-to-site VPN. Resolution PaaS/SaaS VPN Client: Uses standard Strongswan keep-alive...
CKEditor Upgrade to version 5
legacy
Issue I would like to inquire about the status of CKEditor in Liferay, specifically, if there is a plan to upgrade CKEditor to version 5 in an upcoming release of Liferay? Environment Liferay DXP 7.3 Liferay DXP...
Is Session Prediction Possible in Liferay
legacy
Issue Is it possible an attacker could predict the JSESSIONID and gain unauthorized access, referencing an example from a 'Session Prediction' article? Explanation of Issue Using the "Catalog" Page in Postman: If a...
Java & Liferay - 2025 and Beyond
legacy
The next major evolution of Java is here and Liferay is poised and ready to embrace the next generation. Like with any software or technology change, adoption will require work and will take time. That's why...
JournalArticleAssetEntryClassTypeIdUpgradeProcess WARN traces during upgrade process
legacy
Issue After upgrading from 7.3 to 2024.Q3 we are getting lots of WARN traces related to com.liferay.journal.internal.upgrade.v5_1_1.JournalArticleAssetEntryClassTypeIdUpgradeProcess upgrade process: 2024-11-20...
Understanding the 'Viewable by' dropdown and Download permission for file uploads in DL
legacy
Issue How do the 'Viewable by' dropdown and Download permission work when uploading files to the Document Library? Environment 7.4 U76 - 2024.Q4 Resolution 'View' permission → 'View' and 'Download' permissions The...
Need to set the status code of error page to 404
legacy
Issue User is redirecting all the page-not-found request to a specific published public page, but the status code of the published public page is always 200 Environment Liferay DXP 7.0 Liferay DXP 7.1 Liferay DXP...
SKU (price) values will only be updated
legacy
Issue How exactly does API behave, will it drop all the existing mapping ( Variant> Price> Options) and create again? Environment Liferay DXP 7.4 Commerce 4.0 Resolution The SKU (price) values will only be updated...
Is it possible to send notifications to my Portal users?
legacy
Issue Is there a way to send an alert so that a group of users, at a site or organization level, receive a notification in the Portal? Environment Liferay DXP 7.1 - 7.4 Resolution Currently, there is no way to...
Is it possible to track down page visits using Audit?
legacy
Issue Is Liferay Audit able to track who visits your page? Environment Liferay DXP 7.3 Resolution Based on the official documentation and articles, Audit does not have the feature of showing who visits the...
Persistent XSS at Site - Builder
legacy
Issue Persistent XSS vulnerability found in the Web Page builder. Environment DXP 7.4 Resolution This is expected behavior, the HTML fragment does not provide any out-of-the-box sanitation, as it is expected that...
Should the themeDisplay.getCanonicalURL() function return a canonical URL on a HTML page?
legacy
Issue When a custom canonical URL is configured on a HTML page, running themeDisplay.getCanonicalURL() in the browser console returns the friendly URL instead. Environment Analytics Cloud Resolution The getCanonicalUrl...
ORA-12899 because OpenID access token is too large
legacy
Issue We store several things in our OpenID access token and when a user tries to log in, it fails because the token size exceeds the 3000-character limit specified in the ACCESSTOKEN column of the...
How is AntiSamy configured?
legacy
Issue We configured AntiSamy to santize Web Content articles. We would like to understand how AntiSamy works and what parts are expected to be removed in Web Content articles. Environment DXP 7.0+ Resolution In the...
Is there a way to map the LAR file to an XML format?
legacy
Issue Is there a way to map the LAR file to an XML format with roles for content and documents & media?  Environment DXP 7.3 Resolution Unfortunately is not possible adding roles to various content within an existing...
Can Liferay Support SP and IDP initiated SAML Simultaneously?
legacy
Issue Our team is the design phase for authentication and we want to know if Liferay supports IDP and SP initiated SAML logins at the same time?  Environment DXP 7.4 Resolution No, a single instance should not be both...
Time filter gets reset when navigating away from Dashboard
legacy
Issue The selected time filter gets reset when navigating between dashboards. Steps to Reproduce: Navigate to the Sites dashboard. Change the Activities card to “Last 24 hours”. Click the Pages tab. Navigate back to the...
specification facet view more feature
legacy
Issue How to configure the dynamic view more button in the specification facet? For example, from a UI perspective, if 100 specifications are created, then it shows specifications 10 at a time, and after that,...
Captcha authentication via Headless API
legacy
Issue We have developed a Liferay fragment to collect user input via a custom-designed HTML form. This fragment interacts with custom Liferay objects through a Headless API using JS We have created a new role with the...
Does Liferay offer email validation tool implemetation?
legacy
Issue When sending out mass email notifications or alerts from Liferay, we have a high bounce rate. There are many invalid emails in our list, but we cannot clean them up. What email validation tools can be...
The "max_connection" variable present in the database service is related to which parameter?
legacy
Note: please note that Liferay has renamed its Liferay Experience Could offerings to Liferay SaaS (formerly LXC) and Liferay PaaS (formerly LXC-SM). Issue When trying to configure the database service, the...
Can Client Extensions be deployed in an Liferay PaaS environment?
legacy
Note: please note that Liferay has renamed its Liferay Experience Could offerings to Liferay SaaS (formerly LXC) and Liferay PaaS (formerly LXC-SM). Issue I want to use Client Extensions with my Liferay PaaS...
Auditing of Site Memberships: Adding/Unassigning UserGroupGroupRoles
legacy
Issue We have found that groups of users are able to assign and unassign site roles to User Group memberships. Is there a way to audit role assignment changes? Environment DXP 7.4 Resolution As of now, there is no...
Changes in one node cause the dropping of the same entry in another node's cache
legacy
Issue  It has been observed  that when a user makes an update of the cache in one node, it removes that entry from the cache in other nodes.   Environment DXP 7.4 Resolution This is an expected behavior. When an entity...
CVE-2020-28885 and CVE-2020-28884
legacy
Issue We would like to know about Liferay's vulnerability to CVE-2020-28885 and CVE-2020-28884. The CVE's claim that it is a vulnerability for an Administrator User to be able to inject commands through the Gogo Shell...
Asset Publisher shows the webcontent folder instead of articles
legacy
Issue Web contents are listed in their respective folders Steps to reproduce: 1. Start the server 2. Navigate to Content & Data > Web Content. 3. Create a Structure (say str-1) using 3 text fields. 4. Create 3...
Bandwidth of Liferay PaaS environments
legacy
Note: please note that Liferay has renamed its Liferay Experience Could offerings to Liferay SaaS (formerly LXC) and Liferay PaaS (formerly LXC-SM). Issue It is required to know the bandwidth of Liferay PaaS...