Computer Associates Siteminder still flags the # (hash sign) as an unsafe character in URLs for Internet.
Siteminder enforces this rule when passing URL: it blocks the wiki application.
The "#" is present in the vanilla wiki URI's query parameter portion (after the '?') for Connections.
This behavior seems to only occur with wikis.
example:
/wikis/home?lang=en-us#!/wiki/test wikis name
The URL is not constructed properly. To force safe web links, this # is blocked in the wiki application to conform to "Safe Rule for Internet".
When customer checked the network traffic with the web developer panel in IE and Chrome, he noticed that the browser never passes the fragment identifier (everything from the '#' and after)
to the server, as only the browser makes use of the fragment identifier.
Oddly, the vanilla login for Connections allows the fragment identifier to work, but the same process looped through SiteMinder breaks.
Either way, Connections is using 'unsafe characters' in its wiki URL construction.
This has been identified as bad practice, as documented in the IETF on URLs.
Computer Associates SiteMinder article https://comm.support.ca.com/kb/in-url-uri/kb000011822 references this issue.
See RFC1738, kb article includes resolution "# Character - This is considered as an Unsafe Character More about "unsafe" characters from RFC1738.
If the '#' fragment identifier is encoded to '%23', then SiteMinder does not block access and the wiki page is accessible.
ClearQuest case number (FEDCQ00000574)
Submitter Name: HCL FEDERAL
Submitter Email: hclfederalsupport@hclgov.com
Submitter Country: USA
Ranking of priority: Medium
Product Name: Connections
