BookmarkSubscribeRSS Feed
🔒 This topic is solved and locked. Need further help from the community? Please sign in and ask a new question.
L2Fly
Pyrite | Level 9

Hello all -  I have created a shortcut link from our internal site (http://atMyCompany/home) for our users to access to get redirected to our Visual Analytics Hub site.  Here is the link

https://MyServer.com/SASLogon/csrf?referer=http://atMyCompany/home&target=https://MyServer.com/SASVi...

 

I have gone through SMC > Application Management > SAS Application Infrastructure > and added "http://atMyCompany/home" in "sas.web.csrf.referers.knownHosts" and "sas.web.csrf.referers.performCheck" set to true.

 

I have also stopped and restarted entire services for all of my SAS servers (4 of them) and still does not work and I am getting the

"

You attempted to access a SAS application by using the following URL:

The URL has been blocked because it came from an untrusted site, which might be attempting a malicious attack. Please contact your SAS Administrator if you think the referring URL (http://atMycompany/home) should be allowed. The SAS Administrator should review the information about cross site request forgery in the SAS Intelligence Platform documentation for instructions about using the sas.web.csrf.referers.knownHosts setting to whitelist the referring URL.

"

Does anyone encounter this issue?

 

thanks again

 

1 ACCEPTED SOLUTION

Accepted Solutions
L2Fly
Pyrite | Level 9

It is solved now Smiley Very Happy When I was reading the documentation it indicated to make sure to add trailing slash at the end of the URL.  After many attempt and per last response from SAS tech support I took out the trailing slash and only one entry and everything started to work.  So it looks like if you are redirecting from a SAS URL you need to add the trailing slash but if you are redirecting from a different site in my case internal site you don't need the trailing slash.

 

Thanks again

 

View solution in original post

6 REPLIES 6
FredrikE
Rhodochrosite | Level 12

Shouldn't it be myServer that should be added?

In your descrition you have two different servers (myServer and MyServer), are that misstyping or a fact?

Make sure you have all possible combinations of the domain name as valid servers.

 

I had a problem where I added www.myDomain.com to the whitelist but the server domain in the call was myDomain.com.

I needed to add both 🙂

 

//Fredrik

L2Fly
Pyrite | Level 9

Thank you @FredrikE, MyServer and myServer are the same it is a typo here.  I have added all possible with correct spelling but still is not working.   Opened a ticket with SAS Tech to see if they help.  I will keep you posted. 

 

thank you for your reply and help

JuanS_OCS
Azurite | Level 17

Hello @L2Fly,

 

first of all, I would include http://atMycompany/ instead of http://atMycompany/home. and including the possible versions (shortname, fully qualified name, IP address/es). Do not forget the  / sign at the end. If that works, you can try again with http://atMycompany/home/ (do not forget the / sign at the end)

 

If everything fails, you can substitute all that string by a simple star sign (*), and then filter from there.

 

After every change, you need to restart the SASServerN_M services you have in your deployment (or, if you are in Linux, just the sas.server.mid script). The knownHosts list, should be enough. Never used the performCheck list in the past.

 

http://documentation.sas.com/?docsetId=bimtag&docsetTarget=p1xtsni38p58t3n1ljd2fy4c3joz.htm&docsetVe...

 

http://documentation.sas.com/?docsetId=bimtag&docsetTarget=n1d1g9qpptzp4qn1acqgh2iwi2ga.htm&docsetVe...

 

To enable hostname1.example.com and hostname2.example.com, enter the following: http://hostname1.example.com/,http://hostname2.example.com/.
Note: Omitting the trailing slash could allow sites to use a prefix attack to bypass these protections.
 
Note: You can restrict a value to an application on the whitelisted site by including the application's path in the value. Here is an example: http://hostname.example.com/my-application/.

 

 

 

 

L2Fly
Pyrite | Level 9

None worked, I tried adding almost everything and still doesn't work.  I have a ticket to SAS let me see if it can be solved that way.  Will post the result.  I am still working on some other issues so this might take a little time to get back to it depends on the response I get.

thanks

JuanS_OCS
Azurite | Level 17

@L2Fly, what is your version of SAS Visual Analytics?

L2Fly
Pyrite | Level 9

It is solved now Smiley Very Happy When I was reading the documentation it indicated to make sure to add trailing slash at the end of the URL.  After many attempt and per last response from SAS tech support I took out the trailing slash and only one entry and everything started to work.  So it looks like if you are redirecting from a SAS URL you need to add the trailing slash but if you are redirecting from a different site in my case internal site you don't need the trailing slash.

 

Thanks again

 

hackathon24-white-horiz.png

The 2025 SAS Hackathon has begun!

It's finally time to hack! Remember to visit the SAS Hacker's Hub regularly for news and updates.

Latest Updates

Tips for filtering data sources in SAS Visual Analytics

See how to use one filter for multiple data sources by mapping your data from SAS’ Alexandria McCall.

Find more tutorials on the SAS Users YouTube channel.

Discussion stats
  • 6 replies
  • 8606 views
  • 3 likes
  • 3 in conversation