Is it possible for a Chromecast receiver to determine a particular sender's URL?
I can get a list of senders:
const context = cast.framework.CastReceiverContext.getInstance();
context.getSenders();
This returns an object like this:
{
id: "01234567-8901-2345-6789-abcdefabcdef.0:160531083194132871",
userAgent: "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWeb…L, like Gecko) Chrome/86.0.4240.198 Safari/537.36"
}
However, this doesn't contain the URL of the sender. I need to figure out the URL of the site being cast from. Is this possible? And if so, how?
Related
I m trying to integrate Instream VAST ads in my App, I used inmobi,
As the Sample Mentioned here for VAST ad request ,
I tried with different Parameter but nothing works, Is anybody tried Inmobi Instream Ads, has a success with It
My request
http://vast.w.inmobi.com/showad?plid=XXXXX&ua=Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4437.0 Safari/537.36 Edg/91.0.831.1&ip=XXX.XXX.XXX.XXX&gpid=XXXXXXXX&lmt=false&w=480&h=320&protocols=3&bundle=com.sample.bundle
with header
Content-Type & X-Forwarded-For
What is te correct way to set the user-agent in cypress Version 6 and later? Everthing i testet is not working. The Header Information is not send.
Is there is a workaround?
Is it possible to set the user-agent dynamically?
You can override your user-agent by providing its value in cypress.json file, something like:
{
"userAgent": "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/51.0.2704.103 Safari/537.36"
}
You can get the list of Commonly used User agents from the User-Agent MDN Documentation.
I am trying to fend off carding attacks on a Magento 2 store.
The attacker manually creates a shopping cart and from it is able to send repeated requests to Braintree and my store to test credit card numbers. Our security measures quickly detect when this behavior happens from a single IP address but have been much less effective when the attack is distributed.
Surprisingly, Magento 2 allows for requests to come from multiple IP address even though they refer to a single session and shopping cart ID (Note: the security settings for validate REMOTE_ADDR, HTTP_VIA, HTTP_X_FORWARDED_FOR, and HTTP_USER_AGENT are all enabled). I am trying to get Magento's attention to this problem. But in the meantime I am trying to find a workaround.
Take a look at the log below. As you can see these are requests coming from different IP addresses, but they refer to the same shopping cart id (oq2xk8h2h3ghvjrii93o in this case). I would like to create a mechanism that tracks the IP address used for each shopping cart id, and detects if there is an IP address change for an individual cart id. If such change happens, the IP addresses used for the shopping cart get banned, as well as any subsequent IP addresses that try to use the same shopping cart id.
We already have in place: Cloudflare (free), fail2ban, mod_security with OWASP rules. We can leverage and of these.
209.127.191.180, 173.245.52.210, 127.0.0.1 - - [06/Aug/2020:06:05:48 -0400] foobar.com "POST /rest/foobar_view/V1/guest-carts/oq2xk8h2h3ghvjrii93o/payment-information HTTP/1.0" 400 689 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.89 Safari/537.36"
185.164.56.185, 162.158.63.7, 127.0.0.1 - - [06/Aug/2020:06:06:01 -0400] foobar.com "POST /rest/foobar_view/V1/guest-carts/oq2xk8h2h3ghvjrii93o/payment-information HTTP/1.0" 400 689 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.89 Safari/537.36"
45.95.99.226, 162.158.78.135, 127.0.0.1 - - [06/Aug/2020:06:06:15 -0400] foobar.com "POST /rest/foobar_view/V1/guest-carts/oq2xk8h2h3ghvjrii93o/payment-information HTTP/1.0" 400 689 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.89 Safari/537.36"
193.8.127.117, 162.158.62.120, 127.0.0.1 - - [06/Aug/2020:06:06:27 -0400] foobar.com "POST /rest/foobar_view/V1/guest-carts/oq2xk8h2h3ghvjrii93o/payment-information HTTP/1.0" 400 689 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.89 Safari/537.36"
My initial thought was to "watch" the log file, and whenever there is a request that matches the pattern, save the IP address, the shopping cart ID and the timestamp in a separate file. Then generate a separate log file that will contain just the IP addresses I want to ban, and then use fail2ban to read this log file and do the rest.
I have been able to create custom filter/jail/action in fail2ban, the main challenge I have now is the part of "watching" the original server log, and then creating my custom log of bad IP addresses.
Thank you for your help!
You may want to see my fail2ban example Here:
vi /etc/fail2ban/filter.d/restapi.conf
[INCLUDES]
before = restapi.conf
[Definition]
failregex = ^ - .* "POST.HTTP." 400 .*$
vi /etc/fail2ban/filter.d/restapi.conf
[restapi]
enabled = true
port = http,https
filter = restapi
logpath = /var/www/vhosts/yourdomain.com/logs/access_ssl_log
bantime = 86400
findtime = 1200
maxretry = 5
service fail2ban restart
In short, fail2ban watches the log file so no need for a separate watcher.
The only thing that helps is reCaptcha unfortunately.
Plain attacks via single IP address or single CartID are no longer used.
Recent attacks include:
random IP addresses from all over the world
random CartID, generated on Magento 2.3.x sites that are unprotected
So fail2ban will not actually help.
reCaptcha is included in Magento 2.4.x, if you have 2.3.x you will need to get a separate plugin - https://swissuplabs.com/magento-google-recaptcha.html. This is a solid plugin.
If you cant do any of these, just disable Guest Cart and start working towards reCaptcha installation.
If you use Cloudflare, you can put your site "Under Attack Mode" - that puts a javascript challenge in front of the attackers and stops them.
I also recommend putting your payment gateway into authorize only mode. This is so you do not get into trouble with payment provider as you wont need to refund the transactions that went through.
From frontend application (Vue.js) I make axios (ajax) request to the URL of backend application (Golang) which works with Kerberos. I need to return information about the employee when frontend application makes GET request to the route of backend application.
Inside frontend application I make such axios request:
axios.get(url, {withCredentials: true})
Inside backend application I set CORS options like that:
headers := handlers.AllowedHeaders([]string{"X-Requested-With", "Content-Type", "Authorization"})
methods := handlers.AllowedMethods([]string{"GET", "POST", "PATCH", "PUT", "DELETE", "OPTIONS"})
origins := handlers.AllowedOrigins([]string{"*"})
credentials := handlers.AllowCredentials() // true
Right now client application raise HTTP 401 Unauthorized error when I make axios request. Everythink works fine only if I make request from browser.
In the log of the backend application I see such header information when I make request from browser:
map[Upgrade-Insecure-Requests:[1] User-Agent:[Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/73.0.3683.103 Safari/537.36] Accept:[text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3] Accept-Encoding:[gzip, deflate] Accept-Language:[ru-RU,ru;q=0.9,en-US;q=0.8,en;q=0.7] Connection:[keep-alive] Cache-Control:[max-age=0]]
map[Connection:[keep-alive] Upgrade-Insecure-Requests:[1] User-Agent:[Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/73.0.3683.103 Safari/537.36] Accept-Language:[ru-RU,ru;q=0.9,en-US;q=0.8,en;q=0.7] Cache-Control:[max-age=0] Authorization:[Negotiate YIIHVQYGKwYBBQUCoIIHSTCCB0WgMDAuBgkqhkiC9xIBAgIGCSqGSIb3EgECAgYKKwYBBAGCNwICHgYKKwYBBAGCNwICCqKCBw8EggcLYIIHBwYJKoZIhvcSAQICAQBuggb2MIIG8qADAgEFoQMCAQ6iBwMFACAAAACjggV4YYIFdDCCBXCgAwIBBaEPGw1LQVItVEVMLkxPQ0FMoi0wK6ADAgECoSQwIhsESFRUUBsaa3otZG1waWdudDA1Lmthci10ZWwubG9jYWyjggUnMIIFI6ADAgEXoQMCAQOiggUVBIIFETMAZStUfDPJR4GItJfk8JST2HU7YxuFq4HPQ/PWoK/gW5HzZj+dc9CC1stR/D/LhOJFKcAdzkDRmjHNanWWaolcJDhHttrGcF01jHH0xHVUPir8B/7j65QOXmedHIRDexlQsUzjztWuxtPQjERcZFPAo4RtTkpLB2wIHJaeNTevkBOofxVmBunxIqBk+h9Rk2qswOfQlj/Eevrm2R3t6AG3kgliUBg3KbrZ7KxRWUdx2dvaZ6lZ8sKLRY8NYorozVTDS4hlLiGAldZlXICO5PbyiXcy/qHyiUge98r1vqQzyVNYixG9ZEj7fy6hSNF3KDSgjjT70zLaRb8Bj44VKR8BKqRTh6zby+ku6VGjrUdn/7r9iG3G0nnjc+1/WQyY55afcI5SKs7oBJlfqsX5OPF+VEtWbDG2UVK9KiTIbtFpnl6rkimam0pFaT9Rthgcy/1ehR1OvPAajC46s1gFz9St0qZO2syqukfStb3bdWIdxNVQZMjKlHjMm2URtBNOK34kXzdEmLh9kYtufGBK9M1VMRJ53VijG1ZUEodYeUi0JVwfSAvpq2NVdJ1kOgY93REYjHVjSR7Ur3uUzxFszVj7ur35bjlUK+K7Dwu+AZNsNiQ6Xq9FIzZZzkcuA4s+L6FYx1ttCPqDw7cPIO+LlpsOyhxK+SP1N9E8veeR5sS3MPt6xsSPf70lw9m7ztVudIksDK5Myth6VY9QdpEGlbQ2XKaw+ZVjPyMhvn90eJznQXf4IpbhpE6r4owf4CuFMcJ4hZrnP9tmT9CrCdDzVunV6JCORwu5mErGitzjM8o1pesKw9lvrv/RxZQS9lI8MziRxTCp/ZiMZYk9ZlsyMAJMrquweaFHDFLRn3B20xJouH8GtR2TIefPuwkhJn1m7rbsnRZa7QAki+yBP/meLLffstU+fGGBiVQfsc1Tj6acZDRyFeMCbLnqZZGiFwhxsJtI1h/hs/F5awpEZ7P1eyjhK6p7v+itvhT9O4FYTQkJ/Fce9TMiUSxcPiTH5UbKAsOt7jaqJjGwJSFf3DtKpgulPLv42DlyX4+mnsDNMp1yniloh5j6goxc/riL8iqO9LEyxId0n3QyNNqs6Iq6ZjVk48bQ+mocNkLDJ85k8bZOVjnFrRlUHLzTqLPuNn1cbVn4yoFOj3DROfRQf9HEukE5wgjUg/nlKECsn+eJwfLFpNCiyJZnojOs5chW8E6IZgP/qGy/poqNAazuGFx9Bf8wqJ4UcQGWuu7IdGM2SdKttxigMnvR8wMkw8mvl2Z07vY8Czrl+h/NfMJZTdPJYk/VLiu5qXRMdAPiSI5HuvWZuuDpuh6FijvR3bRwtjOgoU5V96zSC6CfiLXZy5TWCTtWtg2OZYPXUrO+sTeSLCI8toJQzJ3QzQD7yiPmdsDr1VA/pbWn6o0M29L0R+uwkw17sf4XlEffWzPj+JDIFYOaMtPra/FNEOdyg2GGG5I13UvIJq6anNiSb54FQxOaX2ed7vQl3PTx4SB0+AxVTfic5osUZo9/GY8U+qIsMQRnECxGiNWBMkPRPupFjwLV3HAM27XE2KV7dk2HeMAuD4+reASoNrctPoBox16ACliE2XLL/hnmcASSi32XeJOCDTcvcaIeib4K8GceMK5P+himWI/RjuGy7yUfjQIx3kYQERoVZBXycQFnE9XNBlzknP0Tbfy6DKLrjx1s4x0s5ngKgy/xOYg4tq40V/D0Xa8ICpqkggFfMIIBW6ADAgEXooIBUgSCAU7K5/v8GkuLM9ygpogXpOHDnydt9A3f/2N/d49zmcFkQzNRR6enJpvm++OxEuho4Zl/PMhK5eHZT+Zl11EXrWfmzyBw5AE61vp/bTy4m1S/YYRexOyKuwV1eJIamp31iFuxgTJ6bHgij7B+H7crnb1cmzafooewazuKpycmtroqN7FMnFvohSWoB8IOudxEHF/oVSYrRhSFt63YqiJ5c2nLLKxhkFobkDS2IGuWsxQt9w7epEcgu73aVr3AwHT0IeeDUpIZIjfEtBZO77MipC+oGyUEZt1ZMMcP+I+3c9qht2Qj7nk+daOZSQge/3OCWzj6wpImsaBjCYNYz57+KEBIJDhMLZjR16ibnp8b+oGLgkQwm9TRuLZ9CHIy+lOgQv+aeGrNS3TvcjX3nIxlC3O9pImpExmhtLsapHLFOgMcdDyBMY0wsxvLNa/gKLqq] Accept:[text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3] Accept-Encoding:[gzip, deflate]]
As you can see browser somehow generate SPNEGO (Negotiate) token and set it to header automatically. I can't understand how I can make the same result via axios request. I will be grateful for any help.
I need to take browser details of an API which is requested by a client , By using user-agent i am able to take all details but it contains multiple browsers. So which one should i take, and spring boot is the frame work which i am using.
Controller code
#ResponseBody
#PostMapping(value = "heartbeatservice",produces="application/json")
public String heartBeatService(Model modelAtrrubute,#RequestHeader("User-Agent") String userAgent) {
System.out.println("---------------"+userAgent);
}
Out Put
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/68.0.3440.84 Safari/537.36
When you make a request from Rest-Client u can set header as you want. Like User-Agent : Android. Browser default behavior they pass their User-Agent.
Above information is correct. Look at this User-Agent-History
Firefox : Mozilla/5.0 (Windows NT 5.1; rv:32.0) Gecko/20100101 Firefox/32.0
Contains Firefox/32.0 - it should be Firefox 32.0
Chrome : Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/68.0.3440.84 Safari/537.36
Contains 'Chrome', but not 'Chromium' - so it would appear to be Chrome version 68.0