Uploaded image for project: 'OpenAM Agents'
  1. OpenAM Agents
  2. AMAGENTS-3663

Nginx Agent print absolute build path into debug logs

    XMLWordPrintable

    Details

    • Type: Bug
    • Status: Open
    • Priority: Minor
    • Resolution: Unresolved
    • Affects Version/s: 5.7.0, 5.8.0
    • Fix Version/s: None
    • Component/s: Web Agents
    • Environment:
      Ubuntu 20.04 / Nginx Plus r22
      Web Agent 5.7.0-RC3

      Description

      Nginx Agent print absolute build path into debug logs.

      Steps to reproduce

      1.) Create a html page (in my case logout.html)

      <html>
      <head>
          <title>Logout Page</title>
          <meta http-equiv="Cache-Control" content="no-cache, no-store, must-revalidate">
          <meta http-equiv="Pragma" content="no-cache">
          <meta http-equiv="Expires" content="0">
      </head>
      <body>
      Logout Page!
      </body>
      </html>
      

      2.)Optional: Configure agent logout

      3.) Hit the Logout.html page and observe the logs

      Observed

      Logs contain absolute path which was used on build machine

      /root/workspace/nts_C_Agents_Release_master-5E4OG4CKDHSHSIGPJSU2XDU2UF4WMY6OLWE6UHSMJB3AKC7U3VHA/build/web_agents/nginx22_agent/auth-module/ngx_agent_auth_module.c:998 
      2020-08-07 08:26:17 GMT DEBUG   [68d5a9c1-50f1-e129-b4e0-ca1b22072d27]: (source/enforce/enforce_not_enforced_handler.c:45) handle_not_enforced(): http://wpa.pentest.forgeops.com:80/web/restricted/logout.html is an application logout url (not enforced)
      2020-08-07 08:26:17 GMT DEBUG   [68d5a9c1-50f1-e129-b4e0-ca1b22072d27]: (source/enforce/enforce_status_handler.c:769) handle_exit_status(): (entry status: success)
      2020-08-07 08:26:17 GMT DEBUG   [68d5a9c1-50f1-e129-b4e0-ca1b22072d27]: (/root/workspace/nts_C_Agents_Release_master-5E4OG4CKDHSHSIGPJSU2XDU2UF4WMY6OLWE6UHSMJB3AKC7U3VHA/build/web_agents/nginx22_agent/auth-module/ngx_agent_auth_module.c:998) agent setting response header Set-Cookie -> am-auth-jwt=; Path=/; HttpOnly; Max-Age=0; Expires=Thu, 01-Jan-1970 00:00:00 GMT
      2020-08-07 08:26:17 GMT DEBUG   [68d5a9c1-50f1-e129-b4e0-ca1b22072d27]: (/root/workspace/nts_C_Agents_Release_master-5E4OG4CKDHSHSIGPJSU2XDU2UF4WMY6OLWE6UHSMJB3AKC7U3VHA/build/web_agents/nginx22_agent/auth-module/ngx_agent_auth_module.c:998) agent setting response header Cache-Control -> max-age=0, no-cache, no-store, must-revalidate
      2020-08-07 08:26:17 GMT DEBUG   [68d5a9c1-50f1-e129-b4e0-ca1b22072d27]: (/root/workspace/nts_C_Agents_Release_master-5E4OG4CKDHSHSIGPJSU2XDU2UF4WMY6OLWE6UHSMJB3AKC7U3VHA/build/web_agents/nginx22_agent/auth-module/ngx_agent_auth_module.c:998) agent setting response header Pragma -> no-cache
      2020-08-07 08:26:17 GMT DEBUG   [68d5a9c1-50f1-e129-b4e0-ca1b22072d27]: (/root/workspace/nts_C_Agents_Release_master-5E4OG4CKDHSHSIGPJSU2XDU2UF4WMY6OLWE6UHSMJB3AKC7U3VHA/build/web_agents/nginx22_agent/auth-module/ngx_agent_auth_module.c:998) agent setting response header Expires -> Sat, 01 Jan 2000 01:00:00 GMT
       

        Attachments

          Activity

            People

            Assignee:
            Unassigned Unassigned
            Reporter:
            richard.hruza Richard Hruza
            Votes:
            0 Vote for this issue
            Watchers:
            3 Start watching this issue

              Dates

              Created:
              Updated: