• State Suggested Answer
  • Replies 2 replies
  • Answers 1 answer
  • Subscribers 10 subscribers
  • Views 166 views
  • Users 0 members are here
Related Discussions
Home » Discussions » General

Access Denied

Sneha Yada
Certified Senior Developer

Hello All,

Redirected to "Access Denied Page" if I enter  ../ in the text box, is this expected?

a!localVariables(
  local!searchKeyword,
  a!columnsLayout(
    columns: {
      a!columnLayout(
        contents: {
          a!textField(
            label: "Search By Keyword",
            value: local!searchKeyword,
            saveInto: {
              local!searchKeyword,
              a!save(
                local!searchKeyword,
                trim(local!searchKeyword)
              )
            },
            refreshAfter: "KEYPRESS"
          )
        }
      )
    }
  )
)

Key in../ and click on enter, then the page below is displayed, any idea why?

Application logs:

  Discussion posts and replies are publicly visible

  • 0
    Certified Senior Developer

    Hi Sneha Yada,

    I tried the same interface setup in my environment (with ../ and <script> entered in a text field), but I’m not getting redirected or seeing any error like “Access Denied.” Here’s what I’ve found:

    1. Appian's security filters like Web Application Firewall /XSS protection they trigger only when potentially harmful input is used in sensitive functions (e.g., file paths, safe links, or document references).
    2. The environment also matters-some environments  like hardened production instances may have stricter WAF rules enabled,Extra logging or redirection layers,Older hotfixes/patches where certain bugs still exist.
  • 0
    Certified Lead Developer

    Someone else reporting this issue already here. Please open a support case.

© 2025 Appian. All rights reserved.
We want to hear from you! Submit a review on Gartner or G2.