Browser Guard alters the token of a

[Serafeim]

Hello, I wonder if you can help. We have a web application (restricted business application) and its users click on a button and download a file with a custom extension and it has the following contents

 {"Name":"CalculateQuote","Source":"https://url:443","SecurityToken":"5b9c1ceb-8e36-46d7-8e47-07f0251ac90c","Request":{"QuoteId":null,"UserId":"1400501164","SellerId":"1404501164","ClientId":16891525,"SaleId":11901790,"Name":"Mr Test 35703","TypeId":1,"Applicants":[{"Title":"Mr","Forename":"Test","Surname":"35703","Sex":"Not Set","DOB":"1966-12-17T00:00:00.000Z","Contact":{"Address1":"1","Address2":null,"Address3":null,"Address4":"Test","Postcode":"WR53DA","Telephone":"676877778","Mobile":null,"Email":null},"EmpDetails, {"Salary":2760000,"GuaranteedOvertime":0,"RegularOvertime":0}}]},"GeneratedDate":"\/Date(1608748536718)\/","LowestSupportedVersion":"1.1066.2014.0114"}

Clicking on this file opens a desktop application which uses the above data and feeds them to a 3^rd party application. When the users finish with the 3^rd party application the intermediate gathers all the data (values and any generated documents) it compresses them and submits them back to the web application.

When the data are sent to the web application the SecurityToken is used to send the data back to the correct record. Lately a lot of submissions were failing and what we discovered. was that, when the users had the Browser Control extension installed on their browsers it changed the SecurityToken to something completely different (it had the same format though) and the users couldn’t upload and update their record with the relevant documentation.

Thanks in advance

 

Kind regards
Serafeim

[gonzo]

If any of these are changing the file and/or the file header on the fly, there will be conflicts.  In a case like that, setting Browser Guard exclusions for any domains where the app(s) are stored and/or processed should eliminate these issues.  This presumes that you have trust of the environment and that you have other security products involved.  If I am off base on my assumptions or my understanding -- limited as it may be of what you are doing -- then please provide more detail, examples and a Browser Guard debug log in a private message that I can share with the developer.

If you do provide a debug log, it grows faster than the national debt, so please start with a fresh browser session, limited number of open tabs, and create the log as soon as you know that the problem has been reproduced.