abdulsalam3105 commented on issue #12064:
URL:
https://github.com/apache/trafficserver/issues/12064#issuecomment-2728764786
Hi @shukitchan, I have modified x-jsa-authorization-redirect with my
required URL, using the script below:

function send_response()
    local header_name = "x-jsa-authorization-redirect"
    local jsa = ts.client_response.header[header_name]
    -- Debug log; io.open returns nil if the file cannot be opened.
    local file = io.open("/var/log/trafficserver/lua.log", "a")
    if jsa then
        if file then file:write("Original Header: " .. jsa .. "\n") end
        -- Replace redirect_uri host in the encoded header.
        -- Matches: redirect_uri=https%3A%2F%2F(ihsurl.com)
        -- The dot is escaped as %. so it only matches a literal ".".
        local modified = jsa:gsub("(redirect_uri=https%%3A%%2F%%2F)ihsurl%.com", "%1trafficserver.com", 1)
        -- Replace return host inside the encoded state parameter.
        -- Matches: return%3Dhttps%253A%252F%252F(ihsurl.com)
        modified = modified:gsub("(return%%3Dhttps%%253A%%252F%%252F)ihsurl%.com", "%1trafficserver.com", 1)
        ts.client_response.header[header_name] = modified
        if file then file:write("Modified Header: " .. modified .. "\n") end
    else
        if file then file:write("Header not found!\n") end
    end
    if file then file:close() end
end

function do_remap()
    -- Rewrite the header just before the response headers go to the client.
    ts.hook(TS_LUA_HOOK_SEND_RESPONSE_HDR, send_response)
    local file = io.open("/var/log/trafficserver/lua.log", "a")
    if file then
        file:write("Lua script is running.\n")
        file:close()
    end
    return 0
end

While performing a curl request, it got changed as expected. But while
accessing via browser I am facing the same error: CSRF attack. In the network
console, I see redirect-uri doesn't change to the ATS URL.