ProxySG/EdgeSWG curl POST/PUT upload issue, Policy Trace shows http://POST/ instead of domain
search cancel

ProxySG/EdgeSWG curl POST/PUT upload issue, Policy Trace shows http://POST/ instead of domain

book

Article ID: 275640

calendar_today

Updated On:

Products

SG-S400 ISG Proxy ProxySG Software - SGOS Advanced Secure Gateway Software - ASG

Issue/Introduction

Customer has allowed curl POST/PUT on Proxy with CPL code, but the curl is not working:

<proxy>

url.domain=example.com client.protocol=http http.method=PUT authenticate(no) allow

url.domain=example.com client.protocol=http http.method=POST authenticate(no) allow

<SSL-Intercept>
url.domain=example.com ssl.forward_proxy(yes)

 

PLEASE NOTE: SSL-interception is required for curl to work properly. If the client doesn't want to validate server certificate against browser-trusted  PROXYSG CA-CERTICATES list then needs to add 

<SSL>
url.domain=example.com server.certificate.validate(no)

 

When executing the curl POST command via PROXY:

curl --proxy <proxyip:8080> POST "<request-url>" -H "authorization:token" -H "Content-Type:application/octet-stream" --upload-file "<file source>" –verbose

 

Request is allowed by Proxy with HTTP200 message, but the curl is being sent instead to https://example.com/file.csv to http://PUT/file.csv when it's executed

 

CURL OUTPUT:

DNS unresolved hostname. Network Error

 

POLICY TRACE:

EXCEPTION(dns_unresolved_hostname): Request could not be handled

 

WIRESHARK TRACE:

Environment

Release : 6.7.5.8

Cause

CURL SYNTAX OBJECT ERROR. BAD SYNTAX OF CURL REQUEST

curl --proxy <proxyip:8080> POST "<request-url>" -H "authorization:token" -H "Content-Type:application/octet-stream" --upload-file "<file source>" –verbose

 

Resolution

CORRECT ONE

curl --proxy <proxyip:8080> -X POST "<request-url>" -H "authorization:token" -H "Content-Type:application/octet-stream" --upload-file "<file source>" –verbose

Additional Information

Articles:

Powered by Wolken Software