cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Community Tip - Have a PTC product question you need answered fast? Chances are someone has asked it before. Learn about the community search. X

Security and URL attachement

JHall
16-Pearl
16-Pearl
‎Jul 26, 2019 10:14 AM
‎Jul 26, 2019 10:14 AM

Security and URL attachement

Recently I've noticed one of our regions is adding (on the Content Tab) URLs to outside websites.  Since we are a cloud based system, I am extremely concerned about that site being an opening into our system.  Which makes me wonder about a couple questions.

1. Has anyone experienced anything like a security breach via an external URL link? 

2. What is the easiest way to restrict people from adding URLs to WTParts or WTDocuments?  

James  

Windchill 11.0 M030 CPS08

URL.png

 

0 Kudos
Notify Moderator
6 REPLIES 6
STEVEG
21-Topaz I
21-Topaz I
(To:JHall)
‎Jul 26, 2019 02:48 PM
‎Jul 26, 2019 02:48 PM

I am not sure if this will allow you to do it but did you try creating a rights policy for URLDefinition?  It's a sub-type of WTObject.

0 Kudos
Notify Moderator
JHall
16-Pearl
16-Pearl
(To:STEVEG)
‎Jul 26, 2019 05:26 PM
‎Jul 26, 2019 05:26 PM

@STEVEG   I discovered that I can shut down all URLs in Windchill that point to external sites.  On Page 315 of Windchill Customization Guide (11.0 M030 June 2017 Document Version 11.03.01) I discovered the following. 

It looks like it will do what I'm thinking, however I'm not quite sure just yet I want to turn them off completely.   According to the PTC tech I talked to, any previous URLs would simply not work if I did this. I'm just not sure what sort of security hazard external links might be.
James

Remove_URL.png

0 Kudos
Notify Moderator
STEVEG
21-Topaz I
21-Topaz I
(To:JHall)
‎Jul 29, 2019 07:57 AM
‎Jul 29, 2019 07:57 AM

Nice find.

0 Kudos
Notify Moderator
JHall
16-Pearl
16-Pearl
(To:STEVEG)
‎Jul 29, 2019 04:00 PM
‎Jul 29, 2019 04:00 PM

Thanks @STEVEG    I'm still very curious about the risk with external links like this.  Am I over blowing the situation?

 

James

0 Kudos
Notify Moderator
STEVEG
21-Topaz I
21-Topaz I
(To:JHall)
‎Jul 31, 2019 07:15 AM
‎Jul 31, 2019 07:15 AM

I am not sure if there is anyone that can definitively one way or the other.

0 Kudos
Notify Moderator
JHall
16-Pearl
16-Pearl
(To:STEVEG)
‎Aug 01, 2019 11:16 AM
‎Aug 01, 2019 11:16 AM

Our Cyber Security person asked these questions.  I think I'll create a PTC ticket and ask them.

 

Since you are adding several URLs to various external sites it is important to check :

 

  1. External website is linked to the Windchill webpage in such a way that it does not share any authentication credentials.
  2. HTTP session details should not be shared with the external sites.
  3. Confirm with Windchill that their HTML source code is secured from HTML injection attack.
0 Kudos
Notify Moderator
Announcements


Contact Community Management
Top Tags