Actions
Bug #37761
closed
Cockpit integration fails with AH: Unsafe URL with %3f URL rewritten without UnsafeAllow3F in foreman-ssl_error_ssl.log
Difficulty:
Triaged:
No
Description
Trying to access the web console takes the user to https://$foreman-fqdn/webcon/=$hostname?access_token=$token
Trying to access this url fails with 403, apparently mod_rewrite forbids rewrites where the request being rewritten contains %3F and the rewritten results has a ?. This behaviour can be turned off with a flag1.
[1] - https://httpd.apache.org/docs/2.4/rewrite/flags.html#flag_unsafe_allow_3f
Updated by Adam Ruzicka 4 months ago
Updated by The Foreman Bot 4 months ago
- Status changed from New to Ready For Testing
- Assignee set to Adam Ruzicka
- Pull request https://github.com/theforeman/puppet-foreman/pull/1177 added
Updated by The Foreman Bot 4 months ago
- Pull request deleted (
https://github.com/theforeman/puppet-foreman/pull/1177)
Updated by Adam Ruzicka 4 months ago
- Project changed from Installer to Foreman Remote Execution
- Category changed from Foreman modules to Foreman
Updated by Adam Ruzicka 4 months ago
- Red Hat JIRA set to SAT-27411
- Pull request https://github.com/theforeman/foreman_remote_execution/pull/918 added
Updated by Evgeni Golov 3 months ago
- Project changed from Foreman Remote Execution to Installer
- Category changed from Foreman to Foreman modules
- Pull request deleted (
https://github.com/theforeman/foreman_remote_execution/pull/918)
Updated by The Foreman Bot 3 months ago
- Pull request https://github.com/theforeman/puppet-foreman/pull/1185 added
Updated by Evgeni Golov 3 months ago
- Status changed from Ready For Testing to Closed
Updated by The Foreman Bot 3 months ago
- Pull request https://github.com/theforeman/foreman-installer/pull/980 added
Actions