漏洞
CORS (Cross-Origin Resource Sharing) requests for sprite image files associated with vector tile layers are always sent via anonymous authentication even if the ArcGIS Server site that the vector tile layer is hosted on is secured with web-tier authentication and is listed within the list of trusted servers.
| 漏洞 ID 编号 | BUG-000131775 |
|---|---|
| 已提交 | June 23, 2020 |
| 上次修改时间 | June 5, 2024 |
| 适用范围 | Portal for ArcGIS |
| 找到的版本 | 10.8 |
| 操作系统 | Red Hat Enterprise Linux |
| 操作系统版本 | N/A |
| 状态 | Will Not Be Addressed |
附加信息
Here are a few options: 1 - Allow the sprite URL to be accessed anonymously. 2 - Look for the key in the URL's path instead of as a parameter (Refer to Internal Explanation). 3 - Use a proxy and set a proxy rule for the sprite.重现步骤
漏洞 ID: BUG-000131775
软件:
- Portal for ArcGIS
当漏洞状态发生变化时获得通知
发现关于本主题的更多内容
搜索相关信息
查找与此主题相关的培训
探索想法并提供反馈
获取来自 ArcGIS 专家的帮助
下载 Esri 支持应用程序