After upgrading SGOS on a ProxySG appliance or MACH5 edition appliance, scripts that send CLI commands to the system as POST method requests result in an error message, "Server requires a valid encrypted token in the request." The scripts worked prior to upgrading to SGOS 6.7.4.1 and later.
Server requires a valid encrypted token in the request.
Additional security mechanisms were implemented.
Your script must request an encrypted token from the appliance, and then include the token in subsequent HTTP requests that use the POST method.
When the encrypted token is passed in the header, it is identified by the label "X-Bluecoat-Enc-Token". Refer to the following example:
X-Bluecoat-Enc-Token: JVizLJLt5YzKvcJqSl7y9HdMSNZTyDJpV8yrvFGni-uuO6-uWqyN9xXbBWbeNLtBAE7TAv4xRYtkpErIWjqr31m61ApC8wGoqJyA_EZ0iMfjCF5qG9kErL10SnLN23hVMLh_oSeXnM_zcBDVgRsoid8
When the encrypted token is passed in the body, it can be part of a query string when Content-Type is "application/x-www-form-urlencoded", or it can be one of the multipart sections when Content-Type is "multipart/form-data".
Note: Some ProxySG Advanced URLs will accept only one of the specified content types.
bluecoat-enc-token=JVizLJLt5YzKvcJqSl7y9HdMSNZTyDJpV8yrvFGni-uuO6-uWqyN9xXbBWbeNLtBAE7TAv4xRYtkpErIWjqr31m61ApC8wGoqJyA_EZ0iMfjCF5qG9kErL10SnLN23hVMLh_oSeXnM_zcBDVgRsoid8
Important: Standard formatting requires an empty line as the start of the body.
--------32456734
":
----------32456734
Content-Dispositi
on: name="bluecoat-enc-token"; form-data
JVizLJLt5YzKvcJqSl7y9HdMSNZTyDJpV8yrvFGni-uuO6-uWqyN9xXbBWbeNLtBAE7TAv4xRYtkpErIWjqr31m61ApC8wGoqJyA_EZ0iMfjCF5qG9kErL10SnLN23hVMLh_oSeXnM_zcBDVgRsoid8
----------32456734
Important: Standard formatting requires an empty line after the Content-Disposition
line.