Access List URL Redirect BUG
Posted: Thu May 26, 2016 11:56 pm
Hi all,
I think I found a bug in the url redirect in the access list.
I have a list of IPs and ports that are allowed and at the buttom is a rule that matches everything and redirects to an instructions page.
When the "User source" is specified as some user or group, the redirection rule works as expected.
But if this field is empty, this rule simply blocks all outgoing connections, even these that should pass.
Steps to produce:
- Add as the first rule in the access list some hello world web app IP
- The second rule should match everything and redirects to that web app. Set the "Source User" to be the logged in user
- As expected any typed URL in the browser will be redirected to the hello world app
- Now clean the field "source user"
-Try again, this time the connection will hang and you won't be able to access the helloworld app
I think I found a bug in the url redirect in the access list.
I have a list of IPs and ports that are allowed and at the buttom is a rule that matches everything and redirects to an instructions page.
When the "User source" is specified as some user or group, the redirection rule works as expected.
But if this field is empty, this rule simply blocks all outgoing connections, even these that should pass.
Steps to produce:
- Add as the first rule in the access list some hello world web app IP
- The second rule should match everything and redirects to that web app. Set the "Source User" to be the logged in user
- As expected any typed URL in the browser will be redirected to the hello world app
- Now clean the field "source user"
-Try again, this time the connection will hang and you won't be able to access the helloworld app