RequestDumperValve breaks POST request - coldfusion

I have a historic ColdFusion 9 server running on top of JBoss 5.1 on Scientific Linux 6.2.
Every once in a while I see the error
2019-08-20 12:15:30,621 ERROR [org.apache.catalina.core.ContainerBase.[jboss.web].[localhost].[/REDACTED].[CfmServlet]] (ajp-0.0.0.0-8009-8) Servlet.service() for servlet CfmServlet threw exception
javax.servlet.ServletException: ROOT CAUSE:
java.lang.IllegalArgumentException
at coldfusion.filter.FormScope.parseQueryString(FormScope.java:375)
at coldfusion.filter.FormScope.parsePostData(FormScope.java:346)
at coldfusion.filter.FormScope.fillForm(FormScope.java:296)
at coldfusion.filter.FusionContext.SymTab_initForRequest(FusionContext.java:377)
in the file /var/log/jboss/server.log
To find out what seems to be the problem I thought it's somehow possible to log the POST params JBoss received and is trying to prepare for ColdFusion to use. On the internet I read I should go to file /opt/jboss/server/default/deploy/jbossweb.sar/server.xml and uncomment the line <Valve className="org.apache.catalina.valves.RequestDumperValve" />.
Now, the params (cookie, header, POST etc.) are indeed logged into the server.log file. The ColdFusion server, however, does not do its task anymore. I open CFADMIN in the browser and enter the password. I'm not let in. I, again, see the log-on page. The same is true for my application. I see in the server.log file that the parameters (username and password) are correct. They are logged in clear text.
There's a story on the internet that describes how the RequestDumperValve destroys a request by applying wrong encoding. Does something like this happen to me? Are there other possibilities to log the POST params in JBoss?
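One way to get the POST parameters into the log without a dumper consuming the body, added here as an example and not code from the question, JBoss or ColdFusion: a Servlet 2.5 filter (the API level JBoss 5.1 ships) that buffers the form body, logs it with password-like fields redacted, and hands the downstream servlet a wrapper that re-serves the buffered bytes. The class name BufferedPostLoggingFilter and the field-name pattern are assumptions, as is the premise that the servlet behind it reads the body through getInputStream()/getReader() rather than getParameter().

```java
// Added example (not JBoss, Tomcat or ColdFusion code): a Servlet 2.5 filter that logs form POSTs
// without consuming the body the next servlet parses, redacting credential-looking fields first.
import java.io.*;
import java.net.URLDecoder;
import java.util.regex.Pattern;
import javax.servlet.*;
import javax.servlet.http.*;
public class BufferedPostLoggingFilter implements Filter {
    private static final Pattern SECRET = Pattern.compile("(?i)pass|pwd|token|secret"); // assumed list
    private static final int MAX_LOGGED = 64 * 1024; // cap what one request may add to the log
    private ServletContext ctx;
    public void init(FilterConfig cfg) { ctx = cfg.getServletContext(); } public void destroy() {}
    public void doFilter(ServletRequest req, ServletResponse res, FilterChain chain)
            throws IOException, ServletException {
        HttpServletRequest http = (HttpServletRequest) req;
        String ct = http.getContentType();
        if (!"POST".equals(http.getMethod()) || ct == null || !ct.startsWith("application/x-www-form-urlencoded")) {
            chain.doFilter(req, res); // leave multipart and non-form bodies untouched
            return;
        }
        ByteArrayOutputStream buf = new ByteArrayOutputStream();
        byte[] b = new byte[8192];
        for (int n; (n = http.getInputStream().read(b)) != -1; ) buf.write(b, 0, n);
        final byte[] body = buf.toByteArray();
        final String enc = http.getCharacterEncoding() == null ? "ISO-8859-1" : http.getCharacterEncoding();
        String form = body.length > MAX_LOGGED ? "<body too large>" : redact(new String(body, enc), enc);
        ctx.log("POST " + http.getRequestURI() + " form=" + form);
        // Downstream gets a wrapper that re-serves the buffered bytes, so the body is not lost.
        chain.doFilter(new HttpServletRequestWrapper(http) {
            public ServletInputStream getInputStream() {
                final ByteArrayInputStream in = new ByteArrayInputStream(body);
                return new ServletInputStream() { public int read() { return in.read(); } };
            }
            public BufferedReader getReader() throws IOException {
                return new BufferedReader(new InputStreamReader(getInputStream(), enc));
            }
        }, res);
    }
    // Replace the value of any sensitive key with *** and keep the rest of the form string verbatim.
    static String redact(String form, String enc) throws UnsupportedEncodingException {
        StringBuilder out = new StringBuilder();
        for (String pair : form.split("&")) {
            int eq = pair.indexOf('=');
            String key = eq < 0 ? pair : pair.substring(0, eq);
            boolean secret = eq >= 0 && SECRET.matcher(URLDecoder.decode(key, enc)).find();
            if (out.length() > 0) out.append('&');
            out.append(key).append(eq < 0 ? "" : "=" + (secret ? "***" : pair.substring(eq + 1)));
        }
        return out.toString();
    }
}
```

Map the filter in web.xml ahead of the ColdFusion servlet so it runs before the body is parsed. On a Servlet 3.1 or newer container the anonymous ServletInputStream would also have to implement isFinished, isReady and setReadListener.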

Related

500 internal server error instead of 302 redirect - JMeter

I'm trying to investigate the issue as I mentioned in the subject.
I log in to the application and am successfully able to land on the home page of my application through my JMeter code.
When I click on the "user details" tab, I should be redirected 2 times.
I'm successfully able to redirect for the first time. For the second redirection I'm getting a 500 error code instead of 302 again.
The URL for "User details" is a plain URL and doesn't come with any need of correlation.
I have a cookie manager with "standard" (tried all other options also on the cookie manager).
I see that the cookie value SameSite=None; is also seen in the request body along with other values only during the replay of my script (I do not see this in the recorded traffic, even if I cross-verify using Fiddler).
I would like to know if this can be problematic. If so, how can I remove this?
Try playing with Redirect Automatically and Follow Redirects boxes in the HTTP Request sampler
if it doesn't help - be aware that you can extract the redirect URL from the Location header using Regular Expression Extractor
If you think that the problem is with the cookie you can enable debug logging for the HTTP Cookie Manager by adding the next line to the log4j2.xml file (lives in the "bin" folder of your JMeter installation):
<Logger name="org.apache.jmeter.protocol.http.control" level="debug" />
this way you will be able to see what's going on under the hood in jmeter.log file as it might be the case that the cookie is broken somehow (expired, wrong path, etc.)

django-rest-framework-social-oauth2: error 400 - redirect_uri_mismatch

I've been trying to add Google login to my Django app following this tutorial:
https://github.com/RealmTeam/django-rest-framework-social-oauth2
By following the instructions exactly, everything works fine locally.
However, when I try to replicate the same on the server, I get the following error on the redirect page of the login:
Error 400: redirect_uri_mismatch
redirect_uri: http://localhost:8000/auth/complete/google-oauth2/
What is strange to me is, in my google developer console, I have set up the correct redirect url in my app, as follows:
https://mydjangoapp.com/auth/complete/google-oauth2/
And I have also put 'mydjangoapp.com' under 'Authorised JavaScript origins'.
So my question is, why does Google keep telling me that the redirect url is
http://localhost:8000/auth/complete/google-oauth2/
which is not the one I have set up in the console? Perhaps there is something obvious that I'm missing here. Thank you!
Why does Google keep telling me that the redirect url is
Because your application is sending it. In your code the app is running on http://localhost:8000, and if you are using a client library it's probably adding the rest automatically.
http://localhost:8000/auth/complete/google-oauth2/
The redirect uri must exactly match what you are sending from your application.
You need to add
http://localhost:8000/auth/complete/google-oauth2/
Javascript origin is only needed if your code is using javascript.
This video will show you how to fix the error. Google OAuth2: How the fix redirect_uri_mismatch error. Part 2 server sided web applications.
If you want your code to send https://mydjangoapp.com then you're probably going to have to be running it from https://mydjangoapp.com, and you may need to figure out how to configure it so that it is running from the correct host.

Missing template errors with strange path shown

This is not ColdFusion specific, but the server is ColdFusion 10 on Windows Server.
About once a day I'll get a log file of a string of missingtemplate errors, and I can't figure out if this is a typo somewhere on my part, or a user doing something, or some sort of exploration exploit.
The most recent one from last night doesn't seem like it affects the user, as by following CGI.QUERY_STRING I can see they come to the home page, hit our login_action.cfm page to log in, get into the logged in area and then again following the CGI.QUERY_STRING I can see what pages they were on by the URL variables.
The missing template target page argument is always this:
TARGETPAGE /https:/secure.domain.com/index.cfm
Which shows this for path translated and script name
PATH_TRANSLATED D:\web\site\https:\secure.domain.com\index.cfm
SCRIPT_NAME /https:/secure.domain.com/index.cfm
After she logs in I can see by the CGI dump that she is indeed logged in OK
PATH_TRANSLATED D:\web\site\https:\secure.domain.com\user\login\index.cfm
Under the query_string I'll be able to see what pages she's on with ?p=home, ?p=editaccount (URL would be index.cfm?p=home etc.)
I don't believe this is malicious, nothing is exposed to the user as far as error reporting, but nonetheless I'd like to figure out why / how this happens about once per day on this application, and understand how it does not seem to affect the user on the site yet throws these missingtemplate errors.
You may have a malformed link somewhere in your app.
Look at the referrer of the error page, then inspect that previous page on the client side (as a user).
Also look at the user agent. It could be a browser trying to pre-fetch pages - and I'm assuming one is from a malformed link.

Not able to send mail from ColdFusion 10

In my application I am using ColdFusion 10. I am not able to send any mail using the cfmail tag.
When I log into the administrator and click on the Undelivered Mail button, it is throwing the following error:
Error retrieving markup for element mailBody : Client verification failure. [Enable debugging by adding 'cfdebug' to your URL parameters to see more information]
Error invoking CFC /CFIDE/administrator/mail/undeliveredmail.cfc : Client verification failure. [Enable debugging by adding 'cfdebug' to your URL parameters to see more information]
Can anyone tell me what is wrong?
It sounds like you have a bad CF installation. The admin should not be throwing errors, this looks like a permissions issue at first glance.
Have you tried setting all the params within the cfmail tag (eg, mailserver, username, pwd) instead of using the values set in CFadmin?
Do you get an error when you create a single CFM page with just a CFMAIL tag in it?
You need to ensure your CF install is up to date with all the hotfixes and that they are installed correctly.
see http://forums.adobe.com/thread/884947
or post the error message you are getting when you use your CFMAIL tag

Unable to View Undelivered Mail in CF Administrator

When I go to the Mail option in CF10 and click the "View Undelivered Mail" button I am getting the following errors:
Error retrieving markup for element mailBody : Client verification
failure. [Enable debugging by adding 'cfdebug' to your URL parameters
to see more information]
Error invoking CFC /CFIDE/administrator/mail/undeliveredmail.cfc :
Client verification failure. [Enable debugging by adding 'cfdebug' to
your URL parameters to see more information]
Does anyone have any idea why I am not able to see Undelivered mail?
Try deleting any ColdFusion related cookies in your browser, such as CFID, CFTOKEN, CFAUTHORIZATION_cfadmin and CFADMIN_LASTPAGE_ADMIN, and then restart your browser.
Look for an 0-byte file named something like "Mail4117192657238440155.cfmail" in your /Applications/ColdFusion10/cfusion/Mail/Undelivr folder and delete it. That fixed the problem for me.