Google Cloud Armor rule partial URL encoded - spring-boot-actuator

I added a new rule to deny all external requests to 'actuator' (Spring endpoints), as follows:
The rule works as expected until I use a partially encoded URL like:
<host>/%61ctuator
Do you know any way, or a better way, to define a rule like that which blocks encoded URLs as well?

Cloud Armor recently released additional operator functionality that will allow for URL decoding of attributes within a given CEL rule match.
For example:
request.path.lower().urlDecode().contains("/actuator")
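The effect of decoding before matching, as an added example that is not part of the original answer: a Python model (an assumption, not Cloud Armor itself) of the rule with and without urlDecode(), checked against every partial percent-encoding of the actuator segment. The raw-path "before" rule, the sample paths and all function names are constructed for illustration.

```python
from itertools import product
from urllib.parse import unquote

PROTECTED = "/actuator"  # prefix the deny rule is meant to cover


def literal_rule(path: str) -> bool:
    """Assumed 'before' rule: matches the raw, undecoded path only."""
    return PROTECTED in path.lower()


def decoding_rule(path: str) -> bool:
    """Model of request.path.lower().urlDecode().contains("/actuator")."""
    return PROTECTED in unquote(path.lower())


def partial_encodings(segment: str):
    """Yield every spelling of segment with any subset of characters percent-encoded."""
    choices = [(ch, f"%{ord(ch):02X}") for ch in segment]
    for combo in product(*choices):
        yield "".join(combo)


def coverage(rule, suffix: str = "/health"):
    """Return (denied, total) over all partial encodings of the protected segment."""
    paths = ["/" + v + suffix for v in partial_encodings(PROTECTED.lstrip("/"))]
    return sum(1 for p in paths if rule(p)), len(paths)


def false_positives(rule, benign):
    """Benign paths the rule would also deny (contains() is a substring match)."""
    return [p for p in benign if rule(p)]


# Constructed sample of paths that should stay reachable.
BENIGN = ["/", "/api/orders", "/static/app.js", "/docs/actuator-guide"]

if __name__ == "__main__":
    for name, rule in (("literal", literal_rule), ("decoding", decoding_rule)):
        denied, total = coverage(rule)
        print(f"{name:9s} denies {denied}/{total} encoded spellings; "
              f"over-blocks {false_positives(rule, BENIGN)}")
```

The same list of spellings can be replayed against a staging backend after each rule change to confirm the deployed rule still denies all of them.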

Related

Linkedin eventSubscription API is giving a 403 error

I am using
PUT https://api.linkedin.com/v2/eventSubscriptions/(developerApplication:urn:li:developerApplication:{developer application ID},user:urn:li:user:{member ID},entity:urn:li:organization:{organization ID},eventType:ORGANIZATION_SOCIAL_ACTION_NOTIFICATIONS)
LinkedIn API with all the parameters intact. Each URN is encoded, e.g. urn:li:organization:12345 is encoded to urn%3Ali%3Aorganization%3A12345, but I am still getting a 403 response.
I think you forgot to add this to the headers:
X-Restli-Protocol-Version:2.0.0
The application id is actually a numeric field in the url when you visit your application settings, put that value instead of the client id.
So it turns out that there's a lot of missing/incorrect information in the documentation. Since I'm working in go, here's how I finally got the url formatted correctly:
// requires the "fmt" and "net/url" imports
endpoint := fmt.Sprintf(
    "https://api.linkedin.com/v2/eventSubscriptions/(developerApplication:%s,user:%s,entity:%s,eventType:ORGANIZATION_SOCIAL_ACTION_NOTIFICATIONS)",
    url.QueryEscape(fmt.Sprintf("urn:li:developerApplication:%s", appId)), // only the URNs are escaped
    url.QueryEscape(fmt.Sprintf("urn:li:person:%s", userId)),
    url.QueryEscape(fmt.Sprintf("urn:li:organization:%s", organizationID)),
)
The breakdown:
The URNs, and only the URNs, need to be urlencoded.
Not the surrounding parentheses
Not the commas
Not the colons preceding the URNs (developerApplication:, user:, and entity:)
Your PUT request needs to include the X-Restli-Protocol-Version header and Authorization header
If, for some reason, you use the /rest/eventSubscriptions/ url instead of /v2/eventSubscriptions/, you also need to include the LinkedIn-Version header
The appId is not your app's client id, but instead the numeric id you see in the app settings url in the linkedin developer portal (i.e. https://www.linkedin.com/developers/apps/<appId>/auth)
The URN structure in the docs is wrong: you need to use urn:li:person:<userId>, not urn:li:user:<userId>

URL parameters and backbone routing

Backbone.js maintains routing information in a URL after the hash mark, e.g.:
http://localhost:3000#page/hardware/table/?action=details&actionTargetId=5&actionTargetName=10.3.177.185&actionTarget=host
Even though the routing information is in the format ?p1=v1&p2=v2&p3=v3, this portion is not technically part of the url query string since it comes after the hash mark.
My question is if I add an actual query string to our app's urls like this:
http://localhost:3000?newparam=newvalue#page/hardware/table/?action=details&actionTargetId=5&actionTargetName=10.3.177.185&actionTarget=host
is there any possibility of the "newparam" url parameter interfering with the backbone portion?
The problem is you're not actually creating a legit query string. You're mixing your route with your parameters.
Your example is formatted as:
domain ? param # route ? other params
As soon as a question mark appears in a URL, everything after it is interpreted as a query string (in this case, even your route).
Personally, I suggest using the HTML5 pushState.
Backbone.history.start({pushState: true})
This will give you clean(er) URLs:
http://localhost:3000/page/hardware/table/?newparam=newvalue&action=details&actionTargetId=5&actionTargetName=10.3.177.185&actionTarget=host
That will help your routes to not interfere with your parameters.

IIS 7 URL rewrite on WCF Service

Question Edited for better understanding:
I have a WCF service and any of my links look like:
https://192.168.1.31/ContactLibrary2.0HTTPS/Service.svc/..... .
I want to get rid of the Service.svc. I installed URL Rewrite in IIS but I don't know how to work with it. I searched a little bit and didn't find anything to help me with this particular problem.
Any idea?
Assuming you are configuring the application hosted at /ContactLibrary2.0HTTPS directly (and not the website containing that directory, for example), you may add an exact match for:
rest/GetContact
with a rewrite url of:
Service.svc/rest/GetContact
Perhaps you wish to rewrite every action of Service.svc, however; then you would need a regular expression match for:
^rest/.*$
with a rewrite url of:
Service.svc/{R:0}
UPDATE
Assuming you also need to remove that string from the urls of your HTML pages, you would need to couple the aforementioned inbound rule with a new outbound rule, applied to the files you are interested in.
To do that, please:
add a new outbound rule to your website and give it a name;
add a new precondition with two rules (matching any of them):
{RESPONSE_CONTENT_TYPE} matches text/html
{RESPONSE_CONTENT_TYPE} matches application/xhtml+xml
configure the rule to match the response scope, matching the content within A tags:
should match the pattern using a regular expression;
with this pattern: ^(.*)(/Service\.svc/)(.*)$
case insensitive;
configure the action to be a rewrite, with this value: {R:1}{R:3}

WordPress: Overwriting or bypassing redirect rules on custom post types with a URL rewrite

I'm using a number of WordPress rewrite rules to allow for the injection of country-codes immediately at the beginning of the URL path, which are used to determine a timezone offset. An example:
add_rewrite_rule('^([A-Za-z]{2})/days/([0-9]+)/?$', 'index.php?geo=$matches[1]&m=$matches[2]&post_type=days','top');
This takes a request like www.daysoftheyear.com/days/2011/ (which would usually return all valid content for this request) and allows for, e.g., www.daysoftheyear.com/us/days/2011/ to return the same content but with support for a timezone offset based on the country-code.
This works fine in almost all places, with the exception of a single query type - one for 'days' custom post type pages, e.g., http://www.daysoftheyear.com/days/waffle-day/.
The rules I have in place are:
add_rewrite_rule('^([A-Za-z]{2})/?$', 'index.php?geo=$matches[1]','top');
add_rewrite_rule('^([A-Za-z]{2})/days/([0-9]+)/?$', 'index.php?geo=$matches[1]&m=$matches[2]&post_type=days','top');
add_rewrite_rule('^([A-Za-z]{2})/days/([0-9]+)/([0-9]+)/?$', 'index.php?geo=$matches[1]&m=$matches[2]$matches[3]&post_type=days','top');
add_rewrite_rule('^([A-Za-z]{2})/days/([0-9]+)/([0-9]+)/([0-9]+)/?$', 'index.php?geo=$matches[1]&m=$matches[2]$matches[3]$matches[4]&post_type=days','top');
add_rewrite_rule('^([A-Za-z]{2})/days/([A-Za-z\-].*)/?$', 'index.php?geo=$matches[1]&page=$matches[2]','top');
add_rewrite_rule('^([A-Za-z]{2})/([A-Za-z\-].*)/?$', 'index.php?geo=$matches[1]&pagename=$matches[2]','top');
The fifth rule should match http://www.daysoftheyear.com/gb/days/waffle-day/ in much the same way as above, but redirects - I suspect that it's conflicting with the inbuilt rules which attempt to redirect to a correct URL if it's malformed (e.g., if I type a close structural match to a correct URL, it'll redirect me to the correct resource).
I can confirm that the 'raw' URL for this request works - e.g., http://www.daysoftheyear.com/index.php?geo=en&name=soup-month&post_type=days returns a valid and expected result.
I'm not convinced this is a regex rule, rather than a specific challenge with the way WP manages custom post types?
EDIT
Updated to allow for hyphens - no change in behaviour, though regexpal reports that the regex works against the example URL.
Updated after disabling WP canonical redirects functionality - now 404'ing rather than 301'ing to the page.
Updated to use 'page' rather than 'pagename', based on the information here: http://codex.wordpress.org/Class_Reference/WP_Query#Post_.26_Page_Parameters - no change in behaviour.
Updated the code, added a linebreak and clarified that I'm actually referencing line 5, rather than line 4.
This request http://www.daysoftheyear.com/days/waffle-day/ won't match your fourth rule since you didn't allow - inside the capture group: ([A-Za-z].*). Replace this group with ([A-Za-z\-].*) and it should match.
HTH
Resolved; it appears that the above ruleset now works correctly - thanks all!

What is the name for that thing that lets part of the URL be an argument?

For example:
http://stackoverflow.com/questions/698627/ms-access-properties
The number is part of the URL but is an argument to the web app as opposed to other options like:
http://www.google.com/firefox?client=firefox-a&rls=org.mozilla:en-US:official
where all the args come after the '?'. I have used the second form before and I'm only trying to learn about the first form.
I'm sure I can find what else I need once I know what that's called so I can Google it.
URL Rewriting, generally.
Edit: Here is a good introduction to URL Rewriting.
Variables passed in the form of a URL are called the Query String. In a url like:
http://examples.com?a=b&c=d&e=f
The query string is ?a=b&c=d&e=f
In the Stackoverflow example, it uses URL Rewriting, specifically with MVC Routing to make 'pretty URLs'. There are other ways to do it in other languages. Some make use of Apache's mod_rewrite (example) while others parse the requested URI. In PHP a url like
http://example.com/index.php/test/path/info
can be parsed by reading $_SERVER['PATH_INFO'] which is /test/path/info.
Generally, they are using URL Rewriting to simulate the query string however. In the Stackoverflow example:
http://stackoverflow.com/questions/698711/what-is-the-name-for-that-thing-that-lets-part-of-the-url-be-an-argument
The important parts are the questions/698711. You can change the title of the question with impunity but the other two parts you cannot.
It's usually called the 'path info'.
That's just URL mapping. It lets you use pretty URLs instead of a large query string.
I believe the StackOverflow URL works that way because it is using MVC whereas your bottom example is using standard requests.
It is indeed done by URL rewriting.
Usually, web application frameworks do this automatically if you install it correctly on your server.
Check out CakePHP as an example.
It's called a URL parameter and uses the HTTP GET method. As others mentioned, it can be rewritten using URL rewriting so that the URL is easier to read and use. Some search keywords: "SEF URLs", "Apache Rewrite", "pretty URLs".
