SECU0001 Alert : Unexpected properties recieved in HTTP Request

PoojaPalla · December 22, 2022, 11:12am

Hi All,

On Finish Assignment of a submit button click action, Pega Error page was displayed.

Upon Tracing I found the alert SECU0001 in my tracer stating the below

Referred the below article stating that the issue is resolved from 8.2v but Im still facing it in 8.4

josenavas · February 28, 2023, 3:09am

@PoojaPalla I also noticed the issue in Pega 8.8.1: (Pega Cloud)

Unexpected properties received in HTTP request : Rule-Obj-Activity: ReloadSection @The following unexpected properties were received in an HTTP request for Thread PS1__TABTHREAD2: UserPage.Proficiency, UserPage.RemoteAccessPlatformRef, UserPage.pyAssignedOperator, UserPage.pyNote

In my case, I’m refreshing a wrapper section and I specify a data transform which sets the initial values for the “UserPage” mentioned in the error above.

Thanks,

-Jose

Lakshmimadhurya_Tipireddy · January 25, 2024, 11:19pm

@josenavas Hi, We are also having same issue in our application. Were you able to resolve this issue? If yes, can you please post solution that you tried.

MarijeSchillern · January 26, 2024, 12:11pm

@lakshmimadhuryaT4218 @josenavas

The security SECU0001 alert is generated during the processing of HTTP requests. Properties that are not in the list of expected properties are ignored by the system during the processing of HTTP requests. After all HTTP parameters have been processed, the system generates this security alert, and lists all unexpected properties.

Kindly follow the below articles for more information/reason of this alert.

https://community.pega.com/support/support-articles/secu0001-alert-continuously-appears-alert-logs
https://support.pega.com/question/how-disable-secu0001-alert-pega-718

We have had few similar cases. In general currently we suggest clients to suppress the SECU0001 alerts taking into account the feedback that we have from the product team:

The SECU0001 alerts is an old feature where it logs an alert to warn that some extra properties are being added in the request. It does not have any significance with respect to security as Pega does not honor any extra properties sent through any request. There are areas of the platform that may trigger this alert along with your own custom code.

In order to suppress the alert you need to specify the setting (DSS):

purpose: prconfig/security/UnexpectedInputPropertyAlert/default
value: false
set owning ruleset as: Pega-Engine.

The main documentation can be found here:

Support Document

Understanding HTTP status codes for troubleshooting common issues

Alerts Documentation

SECU0001 alert: Unexpected properties received in HTTP request

If you still need help, please log a support incident via the MSP and please provide the INC references in a reply here so that we can help track it.

Conversation		Replies	Views
How to fix SECU0001 Alerts in PDC/Pega 8.4.2 General security , system-administration , java-and-activities , 8-4-2	1	453	February 9, 2023
SECU0001 Alerts logged when performing OOTB action in Pega 8.8.3 Blueprint and App Design pega-platform , security , enterprise-application-development , insights	2	136	June 11, 2024
Security alerts SECU0019 disappeared post upgrade to Pega 8.8.4 General pega-platform , senior-system-architect , security , installation-and-deployment , insurance , 8-8-4	7	208	April 22, 2025
SEC0019 Alert General system-administration , 8-4-2	4	1104	February 7, 2023
SECU0019 Unauthorized request detected when using OOTB control General security , 8-4-3	3	4987	November 30, 2021

SECU0001 Alert : Unexpected properties recieved in HTTP Request

Related topics