BookmarkSubscribeRSS Feed
_Ryan_
Fluorite | Level 6

I am attempting to run a stored process from an IIS server.  However the process is blocked and the user sees the following error.

 

You attempted to access a SAS application by using the following URL:

The URL has been blocked because it came from an untrusted site, which might be attempting a malicious attack.

 

 

https://go.documentation.sas.com/?cdcId=bicdc&cdcVersion=9.4&docsetId=bimtag&docsetTarget=p1xtsni38p...

 

 

My stored process has an address somewhat like http://myssitename.domainname.com/example_process.htm

 

In application management, configuration manager, SAS application infrastructure, I have the following settings.

 

sas.web.csrf.refers.allowNulltrue
sas.web.csrf.refers.blacklist 
sas.web.csrf.refers.knownHostshttp://mysitename.domainname.com/
sas.web.csrf.refers.performChecktrue
sas.web.csrf.refers.skipMethods 
sas.web.navigation.knownHostshttp://mysitename.domainname.com/

 

 

So can anyone tell me why the user is still blocked from running the stored process?

 

 

Note: if i set performCheck to false, the stored process works and the user is prompted to logon to SAS and can run the stored process, 

 

sas.web.csrf.refers.performCheckfalse

 

That works...but that defeats the the purpose of the whitelist.

 

 

 

3 REPLIES 3
Anand_V
Ammonite | Level 13

Hi @_Ryan_,

Similar query answered here - https://communities.sas.com/t5/SAS-Visual-Analytics/URL-referer-from-internal-site-to-SASVisualAnaly...

After many attempt and per last response from SAS tech support I took out the trailing slash and 
only one entry and everything started to work.
So it looks like if you are redirecting from a SAS URL you need to add the trailing slash
but if you are redirecting from a different site in my case
internal site you don't need the trailing slash.
_Ryan_
Fluorite | Level 6
Thanks Anand_V,

However in this case, removing the trailing slash did not help.

Still perplexed,

Ryan
Anand_V
Ammonite | Level 13
I would suggest you to raise a track with SAS Support by emailing them the error logs and changes tried at support@sas.com for faster resolution.

suga badge.PNGThe SAS Users Group for Administrators (SUGA) is open to all SAS administrators and architects who install, update, manage or maintain a SAS deployment. 

Join SUGA 

Get Started with SAS Information Catalog in SAS Viya

SAS technical trainer Erin Winters shows you how to explore assets, create new data discovery agents, schedule data discovery agents, and much more.

Find more tutorials on the SAS Users YouTube channel.

Discussion stats
  • 3 replies
  • 1888 views
  • 1 like
  • 2 in conversation