Vulnerability in EPiServer.Forms

Try our conversational search powered by Generative AI!

Prevent onsite-implementation from "calling home"


We have EPiFind onsite, in a strictly controlled production environment. Connections to servers "outside" of our environment is prohibited. The onsite server works more or less as expected, but every 10 minutes, the following error is logged: 

2016-02-01 10:06:43,508 ERROR [186] ?.? - Could not fetch, the following occured: System.AggregateException: One or more errors occurred. ---> System.Threading.Tasks.TaskCanceledException: A task was canceled.
--- End of inner exception stack trace ---
at System.Threading.Tasks.Task`1.GetResultCore(Boolean waitCompletionNotification)
at EPiServer.Find.UI.Helpers.ExternalResourceHelper.FetchVersionFromExternalResource[T](String urlToJsonFile)
---> (Inner Exception #0) System.Threading.Tasks.TaskCanceledException: A task was canceled.<--->

This looks like EPiFind is trying to "call home". 

Can this be turned off? 

Feb 01, 2016 14:25

Looks like it's trying to get hold of the latest version...

Feb 01, 2016 16:15

This is how Find resolves the base path to client resources. Default value of clientSideResourceBaseUrl attribute in episerver.find.ui configuration section is$version$/ and the system tries to get the current version from in order to construct the base path for Find UI resources and tracking scripts. This value is cached for 10 minutes, that's why you get next call after cache is expired.

You can define base path for Find client resources explicitly in episerver.find.ui section:

<episerver.find.ui clientSideResourceBaseUrl="your-base-path"/>

I guess in your case the system uses as clientSideResourceBaseUrl when it fails to load last version.

Other option is enabling requests to and all sub-paths to ensure that you don't stick to specific version and will get updates and bug fixes in tracking scripts and Find UI.

Feb 02, 2016 14:45
* You are NOT allowed to include any hyperlinks in the post because your account hasn't associated to your company. User profile should be updated.