Exploring, predicting and reporting with SAS Visual Analytics and SAS Visual Statistics

URL referer from internal site to SASVisualAnalyticsHub site Error - Blocked

Accepted Solution Solved
Reply
Frequent Contributor
Posts: 80
Accepted Solution

URL referer from internal site to SASVisualAnalyticsHub site Error - Blocked

[ Edited ]

Hello all -  I have created a shortcut link from our internal site (http://atMyCompany/home) for our users to access to get redirected to our Visual Analytics Hub site.  Here is the link

https://MyServer.com/SASLogon/csrf?referer=http://atMyCompany/home&target=https://MyServer.com/SASVi...

 

I have gone through SMC > Application Management > SAS Application Infrastructure > and added "http://atMyCompany/home" in "sas.web.csrf.referers.knownHosts" and "sas.web.csrf.referers.performCheck" set to true.

 

I have also stopped and restarted entire services for all of my SAS servers (4 of them) and still does not work and I am getting the

"

You attempted to access a SAS application by using the following URL:

The URL has been blocked because it came from an untrusted site, which might be attempting a malicious attack. Please contact your SAS Administrator if you think the referring URL (http://atMycompany/home) should be allowed. The SAS Administrator should review the information about cross site request forgery in the SAS Intelligence Platform documentation for instructions about using the sas.web.csrf.referers.knownHosts setting to whitelist the referring URL.

"

Does anyone encounter this issue?

 

thanks again

 


Accepted Solutions
Solution
‎05-11-2018 11:25 AM
Frequent Contributor
Posts: 80

Re: URL referer from internal site to SASVisualAnalyticsHub site Error - Blocked

Posted in reply to JuanS_OCS

It is solved now Smiley Very Happy When I was reading the documentation it indicated to make sure to add trailing slash at the end of the URL.  After many attempt and per last response from SAS tech support I took out the trailing slash and only one entry and everything started to work.  So it looks like if you are redirecting from a SAS URL you need to add the trailing slash but if you are redirecting from a different site in my case internal site you don't need the trailing slash.

 

Thanks again

 

View solution in original post


All Replies
PROC Star
Posts: 399

Re: URL referer from internal site to SASVisualAnalyticsHub site Error - Blocked

Shouldn't it be myServer that should be added?

In your descrition you have two different servers (myServer and MyServer), are that misstyping or a fact?

Make sure you have all possible combinations of the domain name as valid servers.

 

I had a problem where I added www.myDomain.com to the whitelist but the server domain in the call was myDomain.com.

I needed to add both Smiley Happy

 

//Fredrik

Frequent Contributor
Posts: 80

Re: URL referer from internal site to SASVisualAnalyticsHub site Error - Blocked

Thank you @FredrikE, MyServer and myServer are the same it is a typo here.  I have added all possible with correct spelling but still is not working.   Opened a ticket with SAS Tech to see if they help.  I will keep you posted. 

 

thank you for your reply and help

Trusted Advisor
Posts: 1,852

Re: URL referer from internal site to SASVisualAnalyticsHub site Error - Blocked

[ Edited ]

Hello @L2Fly,

 

first of all, I would include http://atMycompany/ instead of http://atMycompany/home. and including the possible versions (shortname, fully qualified name, IP address/es). Do not forget the  / sign at the end. If that works, you can try again with http://atMycompany/home/ (do not forget the / sign at the end)

 

If everything fails, you can substitute all that string by a simple star sign (*), and then filter from there.

 

After every change, you need to restart the SASServerN_M services you have in your deployment (or, if you are in Linux, just the sas.server.mid script). The knownHosts list, should be enough. Never used the performCheck list in the past.

 

http://documentation.sas.com/?docsetId=bimtag&docsetTarget=p1xtsni38p58t3n1ljd2fy4c3joz.htm&docsetVe...

 

http://documentation.sas.com/?docsetId=bimtag&docsetTarget=n1d1g9qpptzp4qn1acqgh2iwi2ga.htm&docsetVe...

 

To enable hostname1.example.com and hostname2.example.com, enter the following: http://hostname1.example.com/,http://hostname2.example.com/.
Note: Omitting the trailing slash could allow sites to use a prefix attack to bypass these protections.
 
Note: You can restrict a value to an application on the whitelisted site by including the application's path in the value. Here is an example: http://hostname.example.com/my-application/.

 

 

 

 

Frequent Contributor
Posts: 80

Re: URL referer from internal site to SASVisualAnalyticsHub site Error - Blocked

Posted in reply to JuanS_OCS

None worked, I tried adding almost everything and still doesn't work.  I have a ticket to SAS let me see if it can be solved that way.  Will post the result.  I am still working on some other issues so this might take a little time to get back to it depends on the response I get.

thanks

Trusted Advisor
Posts: 1,852

Re: URL referer from internal site to SASVisualAnalyticsHub site Error - Blocked

@L2Fly, what is your version of SAS Visual Analytics?

Solution
‎05-11-2018 11:25 AM
Frequent Contributor
Posts: 80

Re: URL referer from internal site to SASVisualAnalyticsHub site Error - Blocked

Posted in reply to JuanS_OCS

It is solved now Smiley Very Happy When I was reading the documentation it indicated to make sure to add trailing slash at the end of the URL.  After many attempt and per last response from SAS tech support I took out the trailing slash and only one entry and everything started to work.  So it looks like if you are redirecting from a SAS URL you need to add the trailing slash but if you are redirecting from a different site in my case internal site you don't need the trailing slash.

 

Thanks again

 

☑ This topic is solved.

Need further help from the community? Please ask a new question.

Discussion stats
  • 6 replies
  • 432 views
  • 3 likes
  • 3 in conversation