2088726 - Error - Antivirus Software Causing Issues with Application Functionality - Platform

SAP Knowledge Base Article - Public

2088726 - Error - Antivirus Software Causing Issues with Application Functionality - Platform

Symptom

  • This solution discusses the scenario of Anti-Spyware and its impact on the SuccessFactors application. This includes but is not limited to Symantec Nortons, McAfee, KaSperSky, BitDefender, Webroot.
     
  • This may also be known as a sanitization function. URL filtering. URL Scanner.
     

 Problem

 
  • Problems can be unpredictable and varied since antivirus software can have unknown impacts on a webpage.
     
  • Common behaviors manifested can be

1. Forms will not route at all and just stay where they are after clicking button

2. Buttons do not work or result in errors

3. Webpages fail to load properly or load with errors

4. Compensation, Recruiting, Performance and Goals are all modules that can be affected. Any page could be affected.

Environment

  • BizX Platform

Cause

  • Many antivirus products such as Kaspersky and McAfee have active HTML parsing where the HTML we send your end users is first intercepted by your security software protocols and evaluated for any malicious code, java applets, sql injection, trojans, malware etc.
     
  • Most often and most aggressive stripping of code occurs with javascript applets. The SuccessFactors application heavily uses javascript, and companies must ensure that HTML delivered by the SuccessFactors application reaches the end users 100% intact, without any changes at all.
     
  • Also in the POST transaction companies must not implement any software that changes the HTML being sent back to SuccessFactors as this can have unexpected impacts and lead to issues with data that SuccessFactors is unable to resolve.
     
  • Since we are a web-based solution and users can enter any data into comment fields and send that in the transaction it is understandable that companies want to scan and sanatize against sql injection etc, but any change to the core HTML will result in undesired results outside of SuccessFactors control. 
     
  • If your internal software has not been set as a trusted provided in all of your web technologies then it might be actively removing pieces of HTML code from the page we deliver resulting in the end user getting a form or webpage that is no longer 100% functional.

Resolution

  • As it is almost impossible to know what your software is doing to our delivered HTML, you should proceed as follows: 
     
  • Make sure www.successfactors.com is a trusted resource in all web-based technologies and antivirus software.

          Note: Work with customer support to determine the data center you are served from and any IP Addresses used by SuccessFactors. More info here...

 

1. Engage with your IT department and have them provide you a fresh laptop that does NOT have your corporate image or ANY corporate software loaded. Basically you want as close to out of the box laptop as you can find.

2. Access the SuccessFactors site from a location NOT within your company network. Basically access it from home or some location where you use public Internet, and are not on your VPN.

3. Open the web browser and navigate to page(s) or features affected.

4. Test the features

5. If the features are now working without issue then you have proven that the issue is not with the SuccessFactors Application itself, but related to

a. antivirus software

b. corporate computer image

c. typical browser version

d. combination of all

 

Your IT from this point should be able to slowly reintroduce functionality using a process of elimination to determine what is impacting the proper functionality of the SuccessFactors web-based software.

Once identified they will be able to update the corporate image to ensure all users can successfully use our software.

Keywords

KBA , sf system requirements , sf security , LOD-SF-PLT , Foundational Capabilities & Tools , Problem

Product

SAP SuccessFactors HCM Core all versions