From c4460ab006875e56fee1561e4e57fa998bdfbd0f Mon Sep 17 00:00:00 2001
From: Nariman Abdullin
Date: Tue, 17 Oct 2023 12:36:49 +0300
Subject: [PATCH 01/10] test 301 to vuln
---
 save-frontend/nginx.conf | 4 ++++
 1 file changed, 4 insertions(+)
diff --git a/save-frontend/nginx.conf b/save-frontend/nginx.conf
index f09f1f5cdb..39e6a4b752 100644
--- a/save-frontend/nginx.conf
+++ b/save-frontend/nginx.conf
@@ -187,6 +187,10 @@ http {
 etag off;
 add_header Last-Modified "";
 if_modified_since off;
+
+ if ($http_host = cosv.gitlink.org.cn) {
+ return 301 /vuln;
+ }
 }
 }
 }
From d1e17e4afe021d6323c29f106cb83eb2ddce9ba1 Mon Sep 17 00:00:00 2001
From: Nariman Abdullin
Date: Tue, 17 Oct 2023 13:10:04 +0300
Subject: [PATCH 02/10] another test 301 to vuln
---
 save-frontend/nginx.conf | 10 +++++-----
 1 file changed, 5 insertions(+), 5 deletions(-)
diff --git a/save-frontend/nginx.conf b/save-frontend/nginx.conf
index 39e6a4b752..398d399dc1 100644
--- a/save-frontend/nginx.conf
+++ b/save-frontend/nginx.conf
@@ -182,15 +182,15 @@ http {
 # Specify files sent to client if specific file not requested (e.g.
 # GET www.example.com/). NGINX sends first existing file in the list.
 index index.html;
- try_files $uri $uri/ /index.html;
+ if ($http_host = cosv.gitlink.org.cn) {
+ return 301 /vuln;
+ } else {
+ try_files $uri $uri/ /index.html;
+ }
 add_header Cache-Control "private; no-store";
 etag off;
 add_header Last-Modified "";
 if_modified_since off;
-
- if ($http_host = cosv.gitlink.org.cn) {
- return 301 /vuln;
- }
 }
 }
 }
From c3d3e835c6f2825a2f1b4d02bcc46b4910e45ad3 Mon Sep 17 00:00:00 2001
From: Nariman Abdullin
Date: Tue, 17 Oct 2023 13:33:47 +0300
Subject: [PATCH 03/10] proper test 1
---
 save-frontend/nginx.conf | 9 ++++-----
 1 file changed, 4 insertions(+), 5 deletions(-)
diff --git a/save-frontend/nginx.conf b/save-frontend/nginx.conf
index 398d399dc1..e10eff957b 100644
--- a/save-frontend/nginx.conf
+++ b/save-frontend/nginx.conf
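Review bot: The `if` added at the end of the location in PATCH 01/10 redirects every URI that location serves, not only `/`, so if this is the catch-all `location /` (its header is outside the hunk) a request for `/vuln` on that host is answered with another redirect to `/vuln`, and static assets are redirected as well. Scoping it to an exact match avoids that, e.g. `location = / { if ($host = cosv.gitlink.org.cn) { return 302 /vuln; } }`. `$http_host` is the raw request header, so a value carrying a port or different letter case will not equal the literal; `$host` is the normalised form. A 301 is also a poor fit for a commit titled as a test, since clients may keep following it after the rule is removed. The same block reappears in PATCH 03, 04 and 05.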
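Review bot: `} else {` in PATCH 02/10 is not nginx syntax: the rewrite module's `if` has no `else` branch, and `try_files` is not permitted inside an `if` block, so this file should fail `nginx -t` and the server will not start or reload with it. Keep `try_files $uri $uri/ /index.html;` at location level and let the `if` contain only the `return`; because `return` ends request processing, no `else` is needed. Running `nginx -t` against the rendered config in CI would catch this class of error before deployment. The location block opens outside the hunk.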
@@ -182,15 +182,14 @@ http {
 # Specify files sent to client if specific file not requested (e.g.
 # GET www.example.com/). NGINX sends first existing file in the list.
 index index.html;
- if ($http_host = cosv.gitlink.org.cn) {
- return 301 /vuln;
- } else {
- try_files $uri $uri/ /index.html;
- }
+ try_files $uri $uri/ /index.html;
 add_header Cache-Control "private; no-store";
 etag off;
 add_header Last-Modified "";
 if_modified_since off;
+ if ($http_host = cosv.gitlink.org.cn) {
+ return 301 /vuln;
+ }
 }
 }
 }
From 9a85dff7f6c85795e4f84230e4881a763e89f4af Mon Sep 17 00:00:00 2001
From: Nariman Abdullin
Date: Tue, 17 Oct 2023 13:50:20 +0300
Subject: [PATCH 04/10] migrate to $host + redirect by a full url
---
 save-frontend/nginx.conf | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/save-frontend/nginx.conf b/save-frontend/nginx.conf
index e10eff957b..d9f82d1f39 100644
--- a/save-frontend/nginx.conf
+++ b/save-frontend/nginx.conf
@@ -187,8 +187,8 @@ http {
 etag off;
 add_header Last-Modified "";
 if_modified_since off;
- if ($http_host = cosv.gitlink.org.cn) {
- return 301 /vuln;
+ if ($host = cosv.gitlink.org.cn) {
+ return 301 https://$host/vuln;
 }
 }
 }
From 9ff875bc0b28792fe8c959aeec190599df93e070 Mon Sep 17 00:00:00 2001
From: Nariman Abdullin
Date: Tue, 17 Oct 2023 14:04:54 +0300
Subject: [PATCH 05/10] redirect in first
---
 save-frontend/nginx.conf | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)
diff --git a/save-frontend/nginx.conf b/save-frontend/nginx.conf
index d9f82d1f39..8f5a021f69 100644
--- a/save-frontend/nginx.conf
+++ b/save-frontend/nginx.conf
@@ -182,14 +182,14 @@ http {
 # Specify files sent to client if specific file not requested (e.g.
 # GET www.example.com/). NGINX sends first existing file in the list.
 index index.html;
+ if ($host = cosv.gitlink.org.cn) {
+ return 301 https://$host/vuln;
+ }
 try_files $uri $uri/ /index.html;
 add_header Cache-Control "private; no-store";
 etag off;
 add_header Last-Modified "";
 if_modified_since off;
- if ($host = cosv.gitlink.org.cn) {
- return 301 https://$host/vuln;
- }
 }
 }
 }
From 6b32782fd30720cf525359affeccef73d999efa4 Mon Sep 17 00:00:00 2001
From: Nariman Abdullin
Date: Tue, 17 Oct 2023 15:37:50 +0300
Subject: [PATCH 06/10] try to configure redirect on gateway level
---
 api-gateway/src/main/resources/application.yml | 7 +++++++
 save-frontend/nginx.conf | 3 ---
 2 files changed, 7 insertions(+), 3 deletions(-)
diff --git a/api-gateway/src/main/resources/application.yml b/api-gateway/src/main/resources/application.yml
index 5cbb96e193..b64d564e39 100644
--- a/api-gateway/src/main/resources/application.yml
+++ b/api-gateway/src/main/resources/application.yml
@@ -78,6 +78,13 @@ spring:
 filters:
 # If SESSION cookie is passed to downstream, it is then removed, because downstream discards it
 - RemoveRequestHeader=Cookie
+ - id: vuln_route
+ uri: ${gateway.frontend.url}
+ predicates:
+ - Path=/
+ - Host=cosv.gitlink.org.cn
+ filters:
+ - RedirectTo=302, https://cosv.gitlink.org.cn/vuln
 ---
 spring:
diff --git a/save-frontend/nginx.conf b/save-frontend/nginx.conf
index 8f5a021f69..f09f1f5cdb 100644
--- a/save-frontend/nginx.conf
+++ b/save-frontend/nginx.conf
@@ -182,9 +182,6 @@ http {
 # Specify files sent to client if specific file not requested (e.g.
 # GET www.example.com/). NGINX sends first existing file in the list.
 index index.html;
- if ($host = cosv.gitlink.org.cn) {
- return 301 https://$host/vuln;
- }
 try_files $uri $uri/ /index.html;
 add_header Cache-Control "private; no-store";
 etag off;
From 816da9eccb29b5a0774d7ac247abd6cd80bf2c9e Mon Sep 17 00:00:00 2001
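Review bot: Moving the `if` block above `try_files` in PATCH 05/10 does not change when it runs: `if` and `return` belong to the rewrite module and are evaluated before `try_files` wherever they appear in the location. If the redirect still misbehaves, the cause is more likely which URIs the location matches (its header is outside the hunk) than directive order. A comment such as `# rewrite-phase directives run before try_files regardless of position` above the block would save the next reader the same experiment.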
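Review bot: `vuln_route` in PATCH 06/10 is appended after the existing routes, and Spring Cloud Gateway uses the first route whose predicates match, so if an earlier route (not visible in this hunk) has a Path predicate that covers `/`, this redirect is never reached. Giving the route an explicit `order: -1`, or declaring it ahead of the broader routes, makes the precedence deliberate. The host name is written twice, in the `Host` predicate and in the `RedirectTo` target, so the two can drift apart; a comment noting that `uri` appears to be there only because the route definition requires it would also help the next reader.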
From: Nariman Abdullin
Date: Tue, 17 Oct 2023 17:05:01 +0300
Subject: [PATCH 07/10] redirect on FE level
---
 .../save/frontend/components/views/index/IndexView.kt | 8 ++++++++
 1 file changed, 8 insertions(+)
diff --git a/save-frontend/src/main/kotlin/com/saveourtool/save/frontend/components/views/index/IndexView.kt b/save-frontend/src/main/kotlin/com/saveourtool/save/frontend/components/views/index/IndexView.kt
index 33bead61ba..acccbd2053 100644
--- a/save-frontend/src/main/kotlin/com/saveourtool/save/frontend/components/views/index/IndexView.kt
+++ b/save-frontend/src/main/kotlin/com/saveourtool/save/frontend/components/views/index/IndexView.kt
@@ -14,10 +14,18 @@ import react.Props
 import react.dom.html.ReactHTML.div
 import react.dom.html.ReactHTML.main
+import react.router.useNavigate
+import react.useEffect
 import web.cssom.*
 @Suppress("EMPTY_BLOCK_STRUCTURE_ERROR")
 val indexView: FC = FC { props ->
+ val navigate = useNavigate()
+ useEffect {
+ if (kotlinx.browser.window.location.run { hostname in setOf("cosv.dev", "https://cosv.gitlink.org.cn/") && pathname == "/"}) {
+ navigate("/vuln")
+ }
+ }
 useBackground(Style.INDEX)
 particles()
 main {
From a0bca74419cfbbf9fbd922bb1b3cf70d433bb1e6 Mon Sep 17 00:00:00 2001
From: Nariman Abdullin
Date: Tue, 17 Oct 2023 17:05:48 +0300
Subject: [PATCH 08/10] reverted changes in api-gateway
---
 api-gateway/src/main/resources/application.yml | 7 -------
 1 file changed, 7 deletions(-)
diff --git a/api-gateway/src/main/resources/application.yml b/api-gateway/src/main/resources/application.yml
index b64d564e39..5cbb96e193 100644
--- a/api-gateway/src/main/resources/application.yml
+++ b/api-gateway/src/main/resources/application.yml
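Review bot: `navigate("/vuln")` in the `useEffect` added to `indexView` (PATCH 07/10) pushes a new history entry, so pressing Back on `/vuln` returns to `/`, where the effect fires and sends the user forward again. A replacing navigation avoids that trap, if the router wrapper in use exposes react-router's `replace` option. Separately, `"https://cosv.gitlink.org.cn/"` can never equal `location.hostname`, which holds the bare host name without scheme or slash, so on that site the redirect does not fire as written; the entry should be `"cosv.gitlink.org.cn"`. The body of `indexView` continues past the end of the hunk.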
@@ -78,13 +78,6 @@ spring:
 filters:
 # If SESSION cookie is passed to downstream, it is then removed, because downstream discards it
 - RemoveRequestHeader=Cookie
- - id: vuln_route
- uri: ${gateway.frontend.url}
- predicates:
- - Path=/
- - Host=cosv.gitlink.org.cn
- filters:
- - RedirectTo=302, https://cosv.gitlink.org.cn/vuln
 ---
 spring:
From 9683c083ad9e4a912b154f27d8054800f35569a9 Mon Sep 17 00:00:00 2001
From: Nariman Abdullin
Date: Tue, 17 Oct 2023 18:22:38 +0300
Subject: [PATCH 09/10] fixed hostname
---
 .../save/frontend/components/views/index/IndexView.kt | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/save-frontend/src/main/kotlin/com/saveourtool/save/frontend/components/views/index/IndexView.kt b/save-frontend/src/main/kotlin/com/saveourtool/save/frontend/components/views/index/IndexView.kt
index acccbd2053..b17a460fa8 100644
--- a/save-frontend/src/main/kotlin/com/saveourtool/save/frontend/components/views/index/IndexView.kt
+++ b/save-frontend/src/main/kotlin/com/saveourtool/save/frontend/components/views/index/IndexView.kt
@@ -22,7 +22,7 @@ import web.cssom.*
 val indexView: FC = FC { props ->
 val navigate = useNavigate()
 useEffect {
- if (kotlinx.browser.window.location.run { hostname in setOf("cosv.dev", "https://cosv.gitlink.org.cn/") && pathname == "/"}) {
+ if (kotlinx.browser.window.location.run { hostname in setOf("cosv.dev", "cosv.gitlink.org.cn") && pathname == "/"}) {
 navigate("/vuln")
 }
 }
From 1921ef87c75aa884cabbc02cf2db129235797bef Mon Sep 17 00:00:00 2001
From: Nariman Abdullin
Date: Tue, 17 Oct 2023 18:53:47 +0300
Subject: [PATCH 10/10] diktatFix
---
 .../save/frontend/components/views/index/IndexView.kt | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/save-frontend/src/main/kotlin/com/saveourtool/save/frontend/components/views/index/IndexView.kt b/save-frontend/src/main/kotlin/com/saveourtool/save/frontend/components/views/index/IndexView.kt
index b17a460fa8..15385e71b4 100644
--- a/save-frontend/src/main/kotlin/com/saveourtool/save/frontend/components/views/index/IndexView.kt
+++ b/save-frontend/src/main/kotlin/com/saveourtool/save/frontend/components/views/index/IndexView.kt
@@ -17,12 +17,13 @@ import react.dom.html.ReactHTML.main
 import react.router.useNavigate
 import react.useEffect
 import web.cssom.*
+import kotlinx.browser.window
 @Suppress("EMPTY_BLOCK_STRUCTURE_ERROR")
 val indexView: FC = FC { props ->
 val navigate = useNavigate()
 useEffect {
- if (kotlinx.browser.window.location.run { hostname in setOf("cosv.dev", "cosv.gitlink.org.cn") && pathname == "/"}) {
+ if (window.location.run { hostname in setOf("cosv.dev", "cosv.gitlink.org.cn") && pathname == "/" }) {
 navigate("/vuln")
 }
 }