Geocortex Essentials 4.13.3 introduced a security patch to the proxy page that is included in the Viewer for HTML5.
This proxy page is used when requests cannot be made directly to the backing server. It is used most often for service requests and for relaying data to Geocortex Analytics.
The security concern addressed was that an attacker could register a domain name (DNS entry) that contained another, permitted domain name within it. For example, if a customer had the domain geocortexcustomer.com, and the proxy.config file had an entry permitting relaying to the host https://geocortexcustomer.com, then a request to relay to the host geocortexcustomer.com.unwantedhost.com would also be permitted to pass through the proxy.
To close this vulnerability, logic was added to the proxy page to add a forward slash if the proxy.config entry did not end with a forward slash. While this has the desired effect of stopping the above scenario, it has an additional undesired effect of converting a proxy.config entry from:
https://geocortexanalytics/Geocortex/Analytics/clientRelay
To:
https://geocortexanalytics/Geocortex/Analytics/clientRelay/
This means that customers who use a specific URL in the proxy.config may not be able to issue requests through the proxy page to that specific URL.
As a workaround, you may remove parts of the URL in the proxy.config until it ends in a slash. To fix the issue with the client relay, specify the following URL:
https://geocortexanalytics/Geocortex/Analytics/
Where "geocortexanalytics" is the hostname of your Analytics server that normally receives viewer data.
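The following is an added example, not the code of the Geocortex proxy page: a Python reconstruction of the prefix check the article implies, showing the pre-4.13.3 bypass, the effect of the trailing-slash patch on a clientRelay entry, and the workaround entry. The host-aware variant and all sample entries are assumptions for illustration.

```python
from urllib.parse import urlsplit

# Constructed proxy.config allow-list entries (assumed, not from the article)
ALLOWED = [
    "https://geocortexcustomer.com",
    "https://geocortexanalytics/Geocortex/Analytics/clientRelay",
]
# Workaround from the article: shorten the entry until it ends in a slash
WORKAROUND = ["https://geocortexanalytics/Geocortex/Analytics/"]


def permitted_before_patch(url, allowed=ALLOWED):
    """Plain string-prefix check (assumed pre-4.13.3 behaviour).
    'https://geocortexcustomer.com' is a prefix of the attacker host too."""
    return any(url.startswith(entry) for entry in allowed)


def permitted_after_patch(url, allowed=ALLOWED):
    """4.13.3 behaviour as the article describes it: every entry that does not
    end in '/' gets one appended before the prefix check. This blocks the
    look-alike host but also stops matching an exact clientRelay URL."""
    normalized = [e if e.endswith("/") else e + "/" for e in allowed]
    return any(url.startswith(entry) for entry in normalized)


def permitted_host_aware(url, allowed=ALLOWED):
    """Alternative check (an assumption, not the product's logic): compare
    scheme, host and port exactly, then match the path on segment boundaries,
    so an entry can end in a specific resource without a trailing slash."""
    req = urlsplit(url)
    for entry in allowed:
        ent = urlsplit(entry)
        if (req.scheme, req.hostname, req.port) != (ent.scheme, ent.hostname, ent.port):
            continue
        ent_path = ent.path or "/"
        req_path = req.path or "/"
        if req_path == ent_path or req_path.startswith(ent_path.rstrip("/") + "/"):
            return True
    return False


if __name__ == "__main__":
    attacker = "https://geocortexcustomer.com.unwantedhost.com/steal"
    relay = "https://geocortexanalytics/Geocortex/Analytics/clientRelay"
    print("pre-patch lets attacker host through:", permitted_before_patch(attacker))
    print("patched blocks attacker host:", not permitted_after_patch(attacker))
    print("patched breaks exact clientRelay entry:", not permitted_after_patch(relay))
    print("workaround entry restores relay:", permitted_after_patch(relay, WORKAROUND))
```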