Hello Community,
I would like to write a report which can check if the links given in the model are still valid. If the link is not valid any more and the report should get a corresponding error code, for example 404 not found.
Is it possible to trigger/open an external website link in the Aris report?
Thank you in advance!
Best
Hi
as far as I can tell, SoftwareAG disabled things like the Javascript XMLHttpRequest object because of security concerns.
Imagine someone somehow executes a malicious report that can send http post requests - the malicious script could transfer a lot of process data out of your company to some third party.
Web-Browsers load content in a sandbox environment - websites usually can't access system resources without user interaction (built-in browser dialog that allows the user to choose a file/ drag-and-drop file into browser window/...). That's why companies can allow employees to access the web with a browser, because the browser acts as a barrier in between company resources and the scary and potentially dangerous internet.
With ARIS reports there is no user-interaction barrier in between the valuable company process data, and the internet. Because of this I advise against interacting with the internet with a report.
Another thing to consider of why it may not even be worth to try it:
ARIS Reports are executed on the ARIS server, not on your ARIS client. I don't know your particular ARIS setup, but for bigger organizations the servers with company internal data usually stand in some sort of protected zone (protected zone as in "shielded with a firewall" - obviously also protected from physical access but it's more about the network traffic being restricted). Therefore it would be reasonable to assume that the ARIS server executing the script can't even resolve the URL to an IP, because it shouldn't have access to DNS servers other than those that manage company internal traffic. Furthermore (putting URL to IP resolve aside) the ARIS server should not be allowed to establish a connection to resolved IP addresses outside of the company network.