I have a question: '*' in url policy can not match a '*' in url.
When there is a '*' in the url , the request will be forbidden by openAM. I don't know how to resolve it.
For example:
Similarly the policy 'http:// www.example.com:8000/**?*' ,
matches 'http://www.example.com:8000/WebApp/index.htm?ttt=1',
but not matches 'http://www.example.com:8000/WebApp/index.htm?ttt=1*1'
why?
How to resolve this?
I think you are running into OPENAM-8134, you will need to upgrade to one of the fixed versions.
Related
am struggling finding a solution with reverse proxy.
The goal is to be able to dynamically reroute, based on URI path, the incoming requests, e.g :
https://a.b.c/23432/IP.IP.IP.IP.IP/Path should be proxied to https://IP.IP.IP.IP:23432/Path
While it is working at first sight with
location ~ ^/(?<targetport>([0-9]+)?)/(?<targethost>[^/]+) {
proxy_pass http://$targethost:$targetport;
[...]
in the end, only the first element (index.html) is served correctly. The requests made by this page (let's say js/my.js) obviously forget the return path, and are generated to access https://a.b.c/js/my.js, and fail to be served.
I tried setting http_referer (even reverse_proxying the request to it) but it doesn't help as am unable to reparse it correctly
What am I missing here ?
Thanks for your help
Problem solved, the proxied site was prefixing all the resources with /, killing the initial path
My demand is as follows:
If I request an URL like this
http://example.com/10-10-43-3
the server gets the resource from
http://10.10.43.3
and response to me.
10-10-43-3 can be arbitrary URL that replace '.' with '-'.
How can I achieve it through nginx? Something like location and proxy_pass?
The following should help get you started.
location /10-10-43-3 {
proxy_pass http://10.10.43.3;
}
If there are other redirects that need to be accounted for, you will most likely need to add variations to the above as well as regular expression handling.
First of all those similars questions does not fit my situation, I've tried all the .htaccess solutions already.
I have a WordPress site (A) which handles the reservation form, and the form submit to another server (B) which handle the data (as well as follow up customer and payment), after the submission success I need to redirect to thanks-you page in A. but this happens
XMLHttpRequest cannot load B. Redirect from 'B' to 'A/thanks-you/' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'A' is therefore not allowed access.
I understand that by setting the response header from B will fix the issue, but I don't have access to it. (Already tested)
So my question is it possible to work on server A to fix this?
Thanks for all the comments and answer.
This CORS issue is troubling many, try below option it may help you.
Just changed Origin URL from http to https and issue resolved in my case. There is another way to fix an issue too.
REF : https://crunchify.com/how-to-fix-access-control-allow-origin-issue-for-your-https-enabled-wordpress-site-and-maxcdn/
just add below line into your .htaccess file.
Header set Access-Control-Allow-Origin "*"
Using OpenAM: 10.0.1 and having URLs that look like:
http://domain/apps/index?Id=00
which matches the following policy
http://domain/apps/*?*
I want to make http://domain/apps/index?Id=01 use a different policy which follows a specific authentication chaining (HOPT, required).
So I tried creating it and using the exact same URL setting the authentication chaining at the condition but OpenAM ignores it, unless the other policy is disabled.
My conclussion, if the URL matches two policies, either of them can grant access.
Any idea on how to force using a specific policy?
Thanks in advance.
I am trying to do this:
http://somehost.net/edit.php?url=http://www.youtube.com/watch?v=EgHY53dOZ-U
Forbidden
You don't have permission to access edit.php on this server.
Is there a way to fix this through javascript(jquery), cause I am passing argument through ajax call.
I have tried it this way but without success:
$('#videofrm').load('edit.php?url='+encodeURI($(this).siblings('a').attr('href'))
You should fix the chmoding issues on the server.
Edit
What your edit.php doing ? If it redirecting to somewhere else ? then echo the result url before redirecting.
You can follow Tomalak Geret'kal if you want/can rewrite the .htaccess. otherwise you need to pass the url without the http:// part and prepend an http:// on edit.php
If you don't have permission to access edit.php, then it doesn't matter how many different ways you try to request it: you don't have permission.
Fix the permissions on the server, likely using chmod if the server is on Linux.
Update
You have a server configuration issue. I can only replicate the problem when passing the string :// inside the querystring.
Try writing AllowEncodedSlashes On in your httpd config, as per this question/answer.
You will then need to make sure you encode your URI properly:
http://somehost.net/edit.php?url=http%3A%2F%2Fwww.youtube.com%2Fwatch%3Fv=EgHY53dOZ-U
(it looks like your encodeURI call should take care of that part)
AllowEncodedSlashes allows slashes to be present in the query string as long as they're encoded which, for some reason, is not the case by default. The docs say that failure produces a 404, not a 403, but I still think that this is the cause.
If you are not able to manipulate configuration options for your webserver, workarounds include:
Choosing a stand-in term for http:// like http!!! that you will programmatically revert in the PHP script;
If you always use http:// (as opposed to, say, ftp:// or some local path), just leave it off the query string entirely and prepend it to the input in your PHP script (preferred workaround).
Hope that helps.