Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Unable to load Graylog when "FedAuth" Cookie Present #4118

Closed
Aenima4six2 opened this issue Sep 1, 2017 · 1 comment
Closed

Unable to load Graylog when "FedAuth" Cookie Present #4118

Aenima4six2 opened this issue Sep 1, 2017 · 1 comment
Assignees
Milestone

Comments

@Aenima4six2
Copy link

@Aenima4six2 Aenima4six2 commented Sep 1, 2017

When a cookie with the name "FedAuth" and "FedAuth1" are sent to Graylog, a bad request 400 is received and the site fails to load.

Expected Behavior

Graylog should ignore cookies created by other sites that are hosted in the same domain that the browser sends.

Current Behavior

Graylog is currenty hosted internally on domain foo.bar. If I log into website1.foo.bar, and that website sends my browser "FedAuth" session cookies, I will be immediately kicked out of Graylog, and cannot log back in until the cookies are removed.

Possible Solution

Ignore cookies by key that are not explicitly set by Graylog.

Steps to Reproduce (for bugs)

Log into a site using federated authentication, or mock a responses that sets a "FedAuth" and "FedAuth1" cookie.

image

Request HAR

{
  "log": {
    "version": "1.2",
    "creator": {
      "name": "WebInspector",
      "version": "537.36"
    },
    "pages": [
      {
        "startedDateTime": "2017-09-01T12:17:44.072Z",
        "id": "page_1",
        "title": "https://graylog.dev.foobar.local:9000/",
        "pageTimings": {
          "onContentLoad": 314.15299999935087,
          "onLoad": 313.53500000113854
        }
      }
    ],
    "entries": [
      {
        "startedDateTime": "2017-09-01T12:17:44.072Z",
        "time": 198.60099999641534,
        "request": {
          "method": "GET",
          "url": "https://graylog.dev.foobar.local:9000/",
          "httpVersion": "HTTP/1.1",
          "headers": [
            {
              "name": "DNT",
              "value": "1"
            },
            {
              "name": "Accept-Encoding",
              "value": "gzip, deflate, br"
            },
            {
              "name": "Host",
              "value": "graylog.dev.foobar.local:9000"
            },
            {
              "name": "Accept-Language",
              "value": "en-US,en;q=0.8"
            },
            {
              "name": "Upgrade-Insecure-Requests",
              "value": "1"
            },
            {
              "name": "User-Agent",
              "value": "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/60.0.3112.113 Safari/537.36"
            },
            {
              "name": "Accept",
              "value": "text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8"
            },
            {
              "name": "Cache-Control",
              "value": "max-age=0"
            },
            {
              "name": "Cookie",
              "value": "FirmAcronym=foobarWealth; TeamID=; FedAuth=77u/PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0idXRmLTgiPz48U2VjdXJpdHlDb250ZXh0VG9rZW4gcDE6SWQ9Il9jOTE1MGYyZS1mMDZlLTQ0Y2YtYjk2Ny1hOTQxZmJlODUxMDMtOThGNzgxNDg4NEQ5QThGRkMzNzg2RTE5MTQ4M0YwMTIiIHhtbG5zOnAxPSJodHRwOi8vZG9jcy5vYXNpcy1vcGVuLm9yZy93c3MvMjAwNC8wMS9vYXNpcy0yMDA0MDEtd3NzLXdzc2VjdXJpdHktdXRpbGl0eS0xLjAueHNkIiB4bWxucz0iaHR0cDovL2RvY3Mub2FzaXMtb3Blbi5vcmcvd3Mtc3gvd3Mtc2VjdXJlY29udmVyc2F0aW9uLzIwMDUxMiI+PElkZW50aWZpZXI+dXJuOnV1aWQ6ZmY0ZGE3M2ItNTU0Zi00Y2FiLWI5ZDgtYjQ0MzZjMGVlZDkwPC9JZGVudGlmaWVyPjxDb29raWUgeG1sbnM9Imh0dHA6Ly9zY2hlbWFzLm1pY3Jvc29mdC5jb20vd3MvMjAwNi8wNS9zZWN1cml0eSI+NzlYMTRZRUJXa3hHT2o1bDVGbWhUYXQ5RXpNb3lQSy9kaEd3cEFsNXAyOGVaVkZYbUFlMys2ZVN0bzE4MDVkd2xKVTZJMHpnSWs4V05qenpzRXZMMFJvQ2dBd09nY1FBYmVKUEhKMmRSK084ZTgyTkcxUloyM24vMFFvTlBLWnRiOE1BZEIrZ2tNUFY0KzhNUzRTL2hRbkV6eVVIcTh3QTFPMzdyZE1DSks2ZVd5WE1saVhsNHN0a2tkVTQ1YU1MajBTSGVJUU50SlNQSzRIdGxDQzlrS1lvQzN1V0gyNEMyVlFlR2tLYjhnaFBsTVNOcExYYkFlMVdhalVGV3ZXTVdZcHBITUdtSW5kMTVFRTZLVzdMRE5JU3Z0OWJGY2ZsRXNNTFJ3ZDNoTDJ6elR5ZzdiMFY2VFNiN3VXNXkrYnBGQUwzNTd1blNTV1c2NlVQOTRFT1NBRGlSYmN5QU9PVll2bVpSSmVFb25iVHliYTF0dEVuZ2NXd3o5YWZnNGlPSUZFNEs0anhBTkN2dkNTZDRkZHNBSHAycGpwOXJjdVhSc3c2WGdDMEFrR3Q1REdLN2JxemlRMEJ2ejZOMFVHVHdHbldJNXhqbmJaeEVuZEk0SXp3ME9yRVlPdUg1RXNjczNkakZzSzlrQ2EyN3ZRM014ZjArVVVkWlYrZVR2My90Vk0xTHYwRnhidkpScXgwK2FQMGZsVzFYWFM2Nm5OTGVKbHdJZk9peG5wbzBXcCswWEFTajBMMS9rV1pycWtGZXdMVG5QaE9NaFVzM09Qdllaa1A3MTVzSUFIT3hibktXYlltV2FWelNtSVBHZTdVYXRERm03NWFTQUtSMmFjRWorMEFHMjgrbzdKOWsrdGdIbTVCbEFRdjJ2VFh6ZmQwVXRRMXEvU0FFVGxxYWJoOUo2QkhocWpVbXJtb1hnZ3Q0bVlxSWJxbnYvNE5sV0d5eVloZ0xwT3JxOGsrazJUWFFsMDZDQkRwMG9YRTFFOEh6UGxKRHBCUVAzYjNDd2NqUlVPK1pQWUpBN3NoWWN1bFZrRkYrZ1VDTyt1Um1IaXYwQVI2MEZkd0ErbUxVSG1DZjlOQWJYNHh4dXo0aHl6UFpEVXJCSHBKLytlV2ZtUUFkWEk4OFdqS1FVYnZWclhyUU9wamplZWZDcFN5SEpENTNHUm5Nb1dpajQrWEsxSkY5OWsyTEpOUGNqTlVobUVZSkdUMnpFVDA3cHlxT0xnd3EvSTlvQmw5OUQzcjJieFlHWitUTWlFRUg3eWpIcnZCM2d2K3ZvbFhCRG8xWGcxOENNd2RlRmpaajBEN2pqSU9vTEcwN0lHbGh0d3AzS1V2KzV6ekNHTWVNM0ZkSmsySUJ6bGo2cDZJdVFxZVhJYkN5YXVlTjExMjUvQkVmRWUvSFRs; FedAuth1=QmVLVEhyb29GMHJ2VFRuUDJBOVpwdWtuVE5qTnA4NDNHT1RUb0Q2YjdzRzFxNlZ2eGtGUUdZNnd3VWpEQitHakI3TUxsTmFsb056Z1RQSUttbjZIcHIweHJUZmQyNlJvMlVzSXlpVjRndWtTTjI2dlVkelFEd3cyNWgzWlhwWmEwOWcyaENCWGNISnlvWGRRd3htS0s5STZUQiswSVlMYmhQNlIzbyt5MTdlaHg1c1FNQU5RSUZzcE1wb2svUDE3VlpMYjB2TWlweHIzNXUvdnREOHBRSVhiUzVjUWkySytwYWlDWHEybFBFR013K2swQmF2Z1o2b21vZFRML2VEaVJueHh0b0I2dzJJeE5na0FlaUVvWEpnOFBhb3BNeXBWZHJBQ3ExYksvV0tpYXNpc1ljekIxWE1FN2E3U3RBQmhqRDBZRHVLM0dLTGtnbklnOGtUOEpXVmhMU1NCakQ4T25ycUJWdWY2c1UyK2h0VkZrZUN6amh6VW5aMHBYZVY3VWRJMitDSlgweXg4VEIrOFkyYzBkWFlMNk91SkdJUHM4YjRUZmd0M0NNMzVwWXJWYms1TUNST3FFaWl3Z2pzTmsxL2t3Qk9WSnRLMnBSeXlDZDNwZk56amxuNURvbG9FclVaNlpOSHp6SWVBZjVZZG1ad3BHWDNCWW5laDJKMHFibVR2bmgzRVREVnJpL3AyVThYWTNrV3ZoTDRibk1KTmJXVXMvK0NMZjQyNUMrbGVZajNDa0ZhVVF6NzBzZnZyVjBBTGRGNnpBUW5uR0FBdExxUC9tZkl0SkxMa0tJRDI5L0FNWXpyUmc0TVBna24xWUI4bXFVSDdnSGlFZUkrdVV3S29TZjVHTnhMZ3FQRkpzWndOWDNaUWZDNllJWXB1OEFHbnJxMEJNUlcrS3lJbzBsUWtBNE9ZcDZDcnE5OWk2VDRmZlhkQXlrOUtKNmJjczlxdzJESFJKM3pjTHJSKzhxZUFEWmxUQU42b0liendrWW04RGhFYWpGclVBYXova0JmRmwvbFMwbGdFREVvU2JiaVZmZGdBSk0wNlJXdEtpM3I0aG42MTNUZ2tlSXhJNW1uTXNPLysxdmdJaTZBdDBvbDRvNzNkOEoxcC85MWltOC9tcTA0dGFtOFkyYTZXRHBBTm1nMVBPV3pPNE12Q2JZZ1lhUEZOa0F3TkZrZ2ptQ0tLczAzdE4wUklIckxMMDd0MzNrQkFFUmdGUlJ0Ly9UWjZDQlBaYkx1dVU1SW0zVldnMmJTT1RqRE1kajJEbmJoWmdXb295bnBhbjhicitCZXI3WFVYVE9hQXBFQ0FZemp0eXY2MjVndnFiNzRtbEMzOU50NUVuUVNMM1NnWmk0WW0zNEZjWmJ1Z3U4bTEybkhSTnBrVVJlNmcwN2Q4N1RjWTRVUlJCQWljb0ZRTWc0alc2aEFZQ2JIVWl4cWxwVHd2VjhwSWowbDNOS052YytQNmtiRmlsQkxVV213bUNIaEdKd1FOWnBxdHlObFY1WEpWanJHbEMvVG1wa1BnQm9HOEorMnRoSzlCL0c1VmRYSWlxd3I1S0J3R1dyZU43VHNINVlMU2lCcTV3cEp2cHZhMDNsMGFSRHRGRWttSTBING9zdEhEVWRQM0VLZEg3N1MxdU9uK1Zobkh6M1NJdmQ1Mk9KZjVwT1hjRlA5VkU1Z0FlSkpnR2lGUzcyUlpockRDTGdJaXpWNkJoSWx2YVV5em9hS3pFcklZMVkvT2xBWVVyZEdwOEtXSWdNMHd2TU02bDNNanI0aHlpVElZOGJheXg2UWJCT2ZpQlF0MTRERDBzVXVCSjZjUi9udTNibWIxbU1uQUVNSU4xZmhjdExqNXpZMGw1RlIzd295QnJ6Tm9XUkNHZ0tjWnhmUEZ0cTlicDN3RzkrZEVvSFRMVnJTNURBb1VUNWp5dUhhRjg3YmRsTjFRQU4xWmFadGtDek96VUM3WkRxMXhxblBpbVZNNmZ1MTQvQ2V4; FedAuth2=UzNhZlNWZU9LUlBuWTdXTlFBbzQ4TDN1dVV5Q0JUdVZMallaZEhkWSs3Ky9vNkpBNE1UNWN2ckxHZ1AzUmx6a2tSeHdrU2wrZTBjRGhIYnBDK2FCUk5JSE1ZYk0vS0o4MFR4VGl3V3ZZQzBwS285UGNXajgzN2FuekIrNkZ5MmNmU1NvOEZvbklXS2xEcWZ0VnRPbEo2ZS9Ua21pUWUrVTZsajBHWmpXQWR4dWFNZ3J2ZUpRK3d5bnlUZHFrcGdDTVNjR25YR21CaStSemY5OFJHTE8xMnAxaklOUEViOTBEUVo1azhnY2xqZVo1WmszYm5lSmxhdWY0WS95cnp5VENlTGtRdWlKYUdPb3NFNmlvM2pMOENZZ1NhdEkzTlRoS0VkeVROdnlXenNYMkQ1M215N3R5Q2w1UmppaFYrZ2ZBT1cxZXZtbElldlNaNE81RVRIMVpORkgwdTRvLzRXWFZ6QmJZRGxENzQ0SEcwUWNLWW1rdmNETDV0STZveTBrOG5mMVNza25GUjhUL1g1K2wxM1FzbUQyV2tzYXpGK1FsZDhtaVZhSTQ5ak1ERW85dHJtTTlXYkxOaVZFT0NDTTMyODdKZGpNSDF2UmJ4QkljSFFjREdDdGdOSnlmVG12cGRVVTRCQ3YxWGQza08xSlFzRUVnOS9Na09pWm01RlZYQktUaSthOXgrNnJjcG9RRTRyUjRUK1gvTlVYUm1GV2RLUU82WTNBNEtrUnlKZGgrcVpRZmNYWmROaUtId1NnQTVhSFhPdzJkOStOditBU0YwZUlTcDRQT05WQ1ZDNkJxT1VaSFIxN2FjR09SRTRvUjFvTmRKcmc0bTVjdVo4Ukk0UEcrUm5ZMjF1SjZNZnVGRmtjQncyU3Jxb3lVYjlsZUd1SWJQdVExNGEyNnljRm1BRFlJRU5QS1l6eCtsL2RzQWxsemNKWWdvM0pOSFlVbHN4dEhGNzlqYmRGSFh1c2xOLzI1TTBjQ2hMbkNteGRDOEJNNVNDcGUzdjE0YVM2aWEzeVBvTlcrS0lxd0lydDZSczN4U3ptcXU0bkZ4V3Q0MllnbVlrMzJoY1ZMbW5CZE5rRzlGMml3RkEvWDY5S2lPbVhSZElDQ2ZvVFdsN3VMLzArdHRKS1J1R2FuN0xSR1NjNWNLck5wd2ZiZ3hXVDNka3lIWEt0R3hZVDM4N0t3aUNnZ0ZVckNSdWtoa3FPQ0JnOG9yblUvZlRCUWFRblNYZlBlQkE0aEJHRzRHeCtSPC9Db29raWU+PC9TZWN1cml0eUNvbnRleHRUb2tlbj4=; mp_0e041fed25fecabf68442f734357fbfe_mixpanel=%7B%22distinct_id%22%3A%20%22eac28352-4fed-e611-80f1-005056b81d24%22%2C%22usertype%22%3A%20%22InternalEmployee%22%2C%22impersonating%22%3A%20false%2C%22viewport-width%22%3A%201680%2C%22viewport-height%22%3A%20417%2C%22%24initial_referrer%22%3A%20%22https%3A%2F%2Fbd3.dev.foobar.local%2F%22%2C%22%24initial_referring_domain%22%3A%20%22bd3.dev.foobar.local%22%7D; mp_mixpanel__c=0"
            },
            {
              "name": "Connection",
              "value": "keep-alive"
            }
          ],
          "queryString": [],
          "cookies": [
            {
              "name": "FirmAcronym",
              "value": "foobarWealth",
              "expires": null,
              "httpOnly": false,
              "secure": false
            },
            {
              "name": "TeamID",
              "value": "",
              "expires": null,
              "httpOnly": false,
              "secure": false
            },
            {
              "name": "FedAuth",
              "value": "77u/PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0idXRmLTgiPz48U2VjdXJpdHlDb250ZXh0VG9rZW4gcDE6SWQ9Il9jOTE1MGYyZS1mMDZlLTQ0Y2YtYjk2Ny1hOTQxZmJlODUxMDMtOThGNzgxNDg4NEQ5QThGRkMzNzg2RTE5MTQ4M0YwMTIiIHhtbG5zOnAxPSJodHRwOi8vZG9jcy5vYXNpcy1vcGVuLm9yZy93c3MvMjAwNC8wMS9vYXNpcy0yMDA0MDEtd3NzLXdzc2VjdXJpdHktdXRpbGl0eS0xLjAueHNkIiB4bWxucz0iaHR0cDovL2RvY3Mub2FzaXMtb3Blbi5vcmcvd3Mtc3gvd3Mtc2VjdXJlY29udmVyc2F0aW9uLzIwMDUxMiI+PElkZW50aWZpZXI+dXJuOnV1aWQ6ZmY0ZGE3M2ItNTU0Zi00Y2FiLWI5ZDgtYjQ0MzZjMGVlZDkwPC9JZGVudGlmaWVyPjxDb29raWUgeG1sbnM9Imh0dHA6Ly9zY2hlbWFzLm1pY3Jvc29mdC5jb20vd3MvMjAwNi8wNS9zZWN1cml0eSI+NzlYMTRZRUJXa3hHT2o1bDVGbWhUYXQ5RXpNb3lQSy9kaEd3cEFsNXAyOGVaVkZYbUFlMys2ZVN0bzE4MDVkd2xKVTZJMHpnSWs4V05qenpzRXZMMFJvQ2dBd09nY1FBYmVKUEhKMmRSK084ZTgyTkcxUloyM24vMFFvTlBLWnRiOE1BZEIrZ2tNUFY0KzhNUzRTL2hRbkV6eVVIcTh3QTFPMzdyZE1DSks2ZVd5WE1saVhsNHN0a2tkVTQ1YU1MajBTSGVJUU50SlNQSzRIdGxDQzlrS1lvQzN1V0gyNEMyVlFlR2tLYjhnaFBsTVNOcExYYkFlMVdhalVGV3ZXTVdZcHBITUdtSW5kMTVFRTZLVzdMRE5JU3Z0OWJGY2ZsRXNNTFJ3ZDNoTDJ6elR5ZzdiMFY2VFNiN3VXNXkrYnBGQUwzNTd1blNTV1c2NlVQOTRFT1NBRGlSYmN5QU9PVll2bVpSSmVFb25iVHliYTF0dEVuZ2NXd3o5YWZnNGlPSUZFNEs0anhBTkN2dkNTZDRkZHNBSHAycGpwOXJjdVhSc3c2WGdDMEFrR3Q1REdLN2JxemlRMEJ2ejZOMFVHVHdHbldJNXhqbmJaeEVuZEk0SXp3ME9yRVlPdUg1RXNjczNkakZzSzlrQ2EyN3ZRM014ZjArVVVkWlYrZVR2My90Vk0xTHYwRnhidkpScXgwK2FQMGZsVzFYWFM2Nm5OTGVKbHdJZk9peG5wbzBXcCswWEFTajBMMS9rV1pycWtGZXdMVG5QaE9NaFVzM09Qdllaa1A3MTVzSUFIT3hibktXYlltV2FWelNtSVBHZTdVYXRERm03NWFTQUtSMmFjRWorMEFHMjgrbzdKOWsrdGdIbTVCbEFRdjJ2VFh6ZmQwVXRRMXEvU0FFVGxxYWJoOUo2QkhocWpVbXJtb1hnZ3Q0bVlxSWJxbnYvNE5sV0d5eVloZ0xwT3JxOGsrazJUWFFsMDZDQkRwMG9YRTFFOEh6UGxKRHBCUVAzYjNDd2NqUlVPK1pQWUpBN3NoWWN1bFZrRkYrZ1VDTyt1Um1IaXYwQVI2MEZkd0ErbUxVSG1DZjlOQWJYNHh4dXo0aHl6UFpEVXJCSHBKLytlV2ZtUUFkWEk4OFdqS1FVYnZWclhyUU9wamplZWZDcFN5SEpENTNHUm5Nb1dpajQrWEsxSkY5OWsyTEpOUGNqTlVobUVZSkdUMnpFVDA3cHlxT0xnd3EvSTlvQmw5OUQzcjJieFlHWitUTWlFRUg3eWpIcnZCM2d2K3ZvbFhCRG8xWGcxOENNd2RlRmpaajBEN2pqSU9vTEcwN0lHbGh0d3AzS1V2KzV6ekNHTWVNM0ZkSmsySUJ6bGo2cDZJdVFxZVhJYkN5YXVlTjExMjUvQkVmRWUvSFRs",
              "expires": null,
              "httpOnly": false,
              "secure": false
            },
            {
              "name": "FedAuth1",
              "value": "QmVLVEhyb29GMHJ2VFRuUDJBOVpwdWtuVE5qTnA4NDNHT1RUb0Q2YjdzRzFxNlZ2eGtGUUdZNnd3VWpEQitHakI3TUxsTmFsb056Z1RQSUttbjZIcHIweHJUZmQyNlJvMlVzSXlpVjRndWtTTjI2dlVkelFEd3cyNWgzWlhwWmEwOWcyaENCWGNISnlvWGRRd3htS0s5STZUQiswSVlMYmhQNlIzbyt5MTdlaHg1c1FNQU5RSUZzcE1wb2svUDE3VlpMYjB2TWlweHIzNXUvdnREOHBRSVhiUzVjUWkySytwYWlDWHEybFBFR013K2swQmF2Z1o2b21vZFRML2VEaVJueHh0b0I2dzJJeE5na0FlaUVvWEpnOFBhb3BNeXBWZHJBQ3ExYksvV0tpYXNpc1ljekIxWE1FN2E3U3RBQmhqRDBZRHVLM0dLTGtnbklnOGtUOEpXVmhMU1NCakQ4T25ycUJWdWY2c1UyK2h0VkZrZUN6amh6VW5aMHBYZVY3VWRJMitDSlgweXg4VEIrOFkyYzBkWFlMNk91SkdJUHM4YjRUZmd0M0NNMzVwWXJWYms1TUNST3FFaWl3Z2pzTmsxL2t3Qk9WSnRLMnBSeXlDZDNwZk56amxuNURvbG9FclVaNlpOSHp6SWVBZjVZZG1ad3BHWDNCWW5laDJKMHFibVR2bmgzRVREVnJpL3AyVThYWTNrV3ZoTDRibk1KTmJXVXMvK0NMZjQyNUMrbGVZajNDa0ZhVVF6NzBzZnZyVjBBTGRGNnpBUW5uR0FBdExxUC9tZkl0SkxMa0tJRDI5L0FNWXpyUmc0TVBna24xWUI4bXFVSDdnSGlFZUkrdVV3S29TZjVHTnhMZ3FQRkpzWndOWDNaUWZDNllJWXB1OEFHbnJxMEJNUlcrS3lJbzBsUWtBNE9ZcDZDcnE5OWk2VDRmZlhkQXlrOUtKNmJjczlxdzJESFJKM3pjTHJSKzhxZUFEWmxUQU42b0liendrWW04RGhFYWpGclVBYXova0JmRmwvbFMwbGdFREVvU2JiaVZmZGdBSk0wNlJXdEtpM3I0aG42MTNUZ2tlSXhJNW1uTXNPLysxdmdJaTZBdDBvbDRvNzNkOEoxcC85MWltOC9tcTA0dGFtOFkyYTZXRHBBTm1nMVBPV3pPNE12Q2JZZ1lhUEZOa0F3TkZrZ2ptQ0tLczAzdE4wUklIckxMMDd0MzNrQkFFUmdGUlJ0Ly9UWjZDQlBaYkx1dVU1SW0zVldnMmJTT1RqRE1kajJEbmJoWmdXb295bnBhbjhicitCZXI3WFVYVE9hQXBFQ0FZemp0eXY2MjVndnFiNzRtbEMzOU50NUVuUVNMM1NnWmk0WW0zNEZjWmJ1Z3U4bTEybkhSTnBrVVJlNmcwN2Q4N1RjWTRVUlJCQWljb0ZRTWc0alc2aEFZQ2JIVWl4cWxwVHd2VjhwSWowbDNOS052YytQNmtiRmlsQkxVV213bUNIaEdKd1FOWnBxdHlObFY1WEpWanJHbEMvVG1wa1BnQm9HOEorMnRoSzlCL0c1VmRYSWlxd3I1S0J3R1dyZU43VHNINVlMU2lCcTV3cEp2cHZhMDNsMGFSRHRGRWttSTBING9zdEhEVWRQM0VLZEg3N1MxdU9uK1Zobkh6M1NJdmQ1Mk9KZjVwT1hjRlA5VkU1Z0FlSkpnR2lGUzcyUlpockRDTGdJaXpWNkJoSWx2YVV5em9hS3pFcklZMVkvT2xBWVVyZEdwOEtXSWdNMHd2TU02bDNNanI0aHlpVElZOGJheXg2UWJCT2ZpQlF0MTRERDBzVXVCSjZjUi9udTNibWIxbU1uQUVNSU4xZmhjdExqNXpZMGw1RlIzd295QnJ6Tm9XUkNHZ0tjWnhmUEZ0cTlicDN3RzkrZEVvSFRMVnJTNURBb1VUNWp5dUhhRjg3YmRsTjFRQU4xWmFadGtDek96VUM3WkRxMXhxblBpbVZNNmZ1MTQvQ2V4",
              "expires": null,
              "httpOnly": false,
              "secure": false
            },
            {
              "name": "FedAuth2",
              "value": "UzNhZlNWZU9LUlBuWTdXTlFBbzQ4TDN1dVV5Q0JUdVZMallaZEhkWSs3Ky9vNkpBNE1UNWN2ckxHZ1AzUmx6a2tSeHdrU2wrZTBjRGhIYnBDK2FCUk5JSE1ZYk0vS0o4MFR4VGl3V3ZZQzBwS285UGNXajgzN2FuekIrNkZ5MmNmU1NvOEZvbklXS2xEcWZ0VnRPbEo2ZS9Ua21pUWUrVTZsajBHWmpXQWR4dWFNZ3J2ZUpRK3d5bnlUZHFrcGdDTVNjR25YR21CaStSemY5OFJHTE8xMnAxaklOUEViOTBEUVo1azhnY2xqZVo1WmszYm5lSmxhdWY0WS95cnp5VENlTGtRdWlKYUdPb3NFNmlvM2pMOENZZ1NhdEkzTlRoS0VkeVROdnlXenNYMkQ1M215N3R5Q2w1UmppaFYrZ2ZBT1cxZXZtbElldlNaNE81RVRIMVpORkgwdTRvLzRXWFZ6QmJZRGxENzQ0SEcwUWNLWW1rdmNETDV0STZveTBrOG5mMVNza25GUjhUL1g1K2wxM1FzbUQyV2tzYXpGK1FsZDhtaVZhSTQ5ak1ERW85dHJtTTlXYkxOaVZFT0NDTTMyODdKZGpNSDF2UmJ4QkljSFFjREdDdGdOSnlmVG12cGRVVTRCQ3YxWGQza08xSlFzRUVnOS9Na09pWm01RlZYQktUaSthOXgrNnJjcG9RRTRyUjRUK1gvTlVYUm1GV2RLUU82WTNBNEtrUnlKZGgrcVpRZmNYWmROaUtId1NnQTVhSFhPdzJkOStOditBU0YwZUlTcDRQT05WQ1ZDNkJxT1VaSFIxN2FjR09SRTRvUjFvTmRKcmc0bTVjdVo4Ukk0UEcrUm5ZMjF1SjZNZnVGRmtjQncyU3Jxb3lVYjlsZUd1SWJQdVExNGEyNnljRm1BRFlJRU5QS1l6eCtsL2RzQWxsemNKWWdvM0pOSFlVbHN4dEhGNzlqYmRGSFh1c2xOLzI1TTBjQ2hMbkNteGRDOEJNNVNDcGUzdjE0YVM2aWEzeVBvTlcrS0lxd0lydDZSczN4U3ptcXU0bkZ4V3Q0MllnbVlrMzJoY1ZMbW5CZE5rRzlGMml3RkEvWDY5S2lPbVhSZElDQ2ZvVFdsN3VMLzArdHRKS1J1R2FuN0xSR1NjNWNLck5wd2ZiZ3hXVDNka3lIWEt0R3hZVDM4N0t3aUNnZ0ZVckNSdWtoa3FPQ0JnOG9yblUvZlRCUWFRblNYZlBlQkE0aEJHRzRHeCtSPC9Db29raWU+PC9TZWN1cml0eUNvbnRleHRUb2tlbj4=",
              "expires": null,
              "httpOnly": false,
              "secure": false
            },
            {
              "name": "mp_0e041fed25fecabf68442f734357fbfe_mixpanel",
              "value": "%7B%22distinct_id%22%3A%20%22eac28352-4fed-e611-80f1-005056b81d24%22%2C%22usertype%22%3A%20%22InternalEmployee%22%2C%22impersonating%22%3A%20false%2C%22viewport-width%22%3A%201680%2C%22viewport-height%22%3A%20417%2C%22%24initial_referrer%22%3A%20%22https%3A%2F%2Fbd3.dev.foobar.local%2F%22%2C%22%24initial_referring_domain%22%3A%20%22bd3.dev.foobar.local%22%7D",
              "expires": null,
              "httpOnly": false,
              "secure": false
            },
            {
              "name": "mp_mixpanel__c",
              "value": "0",
              "expires": null,
              "httpOnly": false,
              "secure": false
            }
          ],
          "headersSize": 6261,
          "bodySize": 0
        },
        "response": {
          "status": 400,
          "statusText": "Bad Request",
          "httpVersion": "HTTP/1.1",
          "headers": [
            {
              "name": "Date",
              "value": "Fri, 01 Sep 2017 12:17:45 GMT"
            },
            {
              "name": "Server",
              "value": "nginx/1.11.13"
            },
            {
              "name": "Connection",
              "value": "keep-alive"
            },
            {
              "name": "Content-Length",
              "value": "0"
            }
          ],
          "cookies": [],
          "content": {
            "size": 0,
            "mimeType": "text/plain",
            "compression": 0
          },
          "redirectURL": "",
          "headersSize": 131,
          "bodySize": 0,
          "_transferSize": 131
        },
        "cache": {},
        "timings": {
          "blocked": 0.482999996165745,
          "dns": -1,
          "connect": -1,
          "send": 0.18200000340584693,
          "wait": 195.82499999523841,
          "receive": 2.1110000016053334,
          "ssl": -1
        },
        "serverIPAddress": "127.0.0.1",
        "connection": "15855",
        "pageref": "page_1"
      },
      {
        "startedDateTime": "2017-09-01T12:17:44.416Z",
        "time": 101.46199999871897,
        "request": {
          "method": "GET",
          "url": "https://graylog.dev.foobar.local:9000/favicon.ico",
          "httpVersion": "HTTP/1.1",
          "headers": [
            {
              "name": "DNT",
              "value": "1"
            },
            {
              "name": "Accept-Encoding",
              "value": "gzip, deflate, br"
            },
            {
              "name": "Host",
              "value": "graylog.dev.foobar.local:9000"
            },
            {
              "name": "Accept-Language",
              "value": "en-US,en;q=0.8"
            },
            {
              "name": "User-Agent",
              "value": "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/60.0.3112.113 Safari/537.36"
            },
            {
              "name": "Accept",
              "value": "image/webp,image/apng,image/*,*/*;q=0.8"
            },
            {
              "name": "Referer",
              "value": "https://graylog.dev.foobar.local:9000/"
            },
            {
              "name": "Cookie",
              "value": "FedAuth=77u/PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0idXRmLTgiPz48U2VjdXJpdHlDb250ZXh0VG9rZW4gcDE6SWQ9Il9jOTE1MGYyZS1mMDZlLTQ0Y2YtYjk2Ny1hOTQxZmJlODUxMDMtOThGNzgxNDg4NEQ5QThGRkMzNzg2RTE5MTQ4M0YwMTIiIHhtbG5zOnAxPSJodHRwOi8vZG9jcy5vYXNpcy1vcGVuLm9yZy93c3MvMjAwNC8wMS9vYXNpcy0yMDA0MDEtd3NzLXdzc2VjdXJpdHktdXRpbGl0eS0xLjAueHNkIiB4bWxucz0iaHR0cDovL2RvY3Mub2FzaXMtb3Blbi5vcmcvd3Mtc3gvd3Mtc2VjdXJlY29udmVyc2F0aW9uLzIwMDUxMiI+PElkZW50aWZpZXI+dXJuOnV1aWQ6ZmY0ZGE3M2ItNTU0Zi00Y2FiLWI5ZDgtYjQ0MzZjMGVlZDkwPC9JZGVudGlmaWVyPjxDb29raWUgeG1sbnM9Imh0dHA6Ly9zY2hlbWFzLm1pY3Jvc29mdC5jb20vd3MvMjAwNi8wNS9zZWN1cml0eSI+NzlYMTRZRUJXa3hHT2o1bDVGbWhUYXQ5RXpNb3lQSy9kaEd3cEFsNXAyOGVaVkZYbUFlMys2ZVN0bzE4MDVkd2xKVTZJMHpnSWs4V05qenpzRXZMMFJvQ2dBd09nY1FBYmVKUEhKMmRSK084ZTgyTkcxUloyM24vMFFvTlBLWnRiOE1BZEIrZ2tNUFY0KzhNUzRTL2hRbkV6eVVIcTh3QTFPMzdyZE1DSks2ZVd5WE1saVhsNHN0a2tkVTQ1YU1MajBTSGVJUU50SlNQSzRIdGxDQzlrS1lvQzN1V0gyNEMyVlFlR2tLYjhnaFBsTVNOcExYYkFlMVdhalVGV3ZXTVdZcHBITUdtSW5kMTVFRTZLVzdMRE5JU3Z0OWJGY2ZsRXNNTFJ3ZDNoTDJ6elR5ZzdiMFY2VFNiN3VXNXkrYnBGQUwzNTd1blNTV1c2NlVQOTRFT1NBRGlSYmN5QU9PVll2bVpSSmVFb25iVHliYTF0dEVuZ2NXd3o5YWZnNGlPSUZFNEs0anhBTkN2dkNTZDRkZHNBSHAycGpwOXJjdVhSc3c2WGdDMEFrR3Q1REdLN2JxemlRMEJ2ejZOMFVHVHdHbldJNXhqbmJaeEVuZEk0SXp3ME9yRVlPdUg1RXNjczNkakZzSzlrQ2EyN3ZRM014ZjArVVVkWlYrZVR2My90Vk0xTHYwRnhidkpScXgwK2FQMGZsVzFYWFM2Nm5OTGVKbHdJZk9peG5wbzBXcCswWEFTajBMMS9rV1pycWtGZXdMVG5QaE9NaFVzM09Qdllaa1A3MTVzSUFIT3hibktXYlltV2FWelNtSVBHZTdVYXRERm03NWFTQUtSMmFjRWorMEFHMjgrbzdKOWsrdGdIbTVCbEFRdjJ2VFh6ZmQwVXRRMXEvU0FFVGxxYWJoOUo2QkhocWpVbXJtb1hnZ3Q0bVlxSWJxbnYvNE5sV0d5eVloZ0xwT3JxOGsrazJUWFFsMDZDQkRwMG9YRTFFOEh6UGxKRHBCUVAzYjNDd2NqUlVPK1pQWUpBN3NoWWN1bFZrRkYrZ1VDTyt1Um1IaXYwQVI2MEZkd0ErbUxVSG1DZjlOQWJYNHh4dXo0aHl6UFpEVXJCSHBKLytlV2ZtUUFkWEk4OFdqS1FVYnZWclhyUU9wamplZWZDcFN5SEpENTNHUm5Nb1dpajQrWEsxSkY5OWsyTEpOUGNqTlVobUVZSkdUMnpFVDA3cHlxT0xnd3EvSTlvQmw5OUQzcjJieFlHWitUTWlFRUg3eWpIcnZCM2d2K3ZvbFhCRG8xWGcxOENNd2RlRmpaajBEN2pqSU9vTEcwN0lHbGh0d3AzS1V2KzV6ekNHTWVNM0ZkSmsySUJ6bGo2cDZJdVFxZVhJYkN5YXVlTjExMjUvQkVmRWUvSFRs; FedAuth1=QmVLVEhyb29GMHJ2VFRuUDJBOVpwdWtuVE5qTnA4NDNHT1RUb0Q2YjdzRzFxNlZ2eGtGUUdZNnd3VWpEQitHakI3TUxsTmFsb056Z1RQSUttbjZIcHIweHJUZmQyNlJvMlVzSXlpVjRndWtTTjI2dlVkelFEd3cyNWgzWlhwWmEwOWcyaENCWGNISnlvWGRRd3htS0s5STZUQiswSVlMYmhQNlIzbyt5MTdlaHg1c1FNQU5RSUZzcE1wb2svUDE3VlpMYjB2TWlweHIzNXUvdnREOHBRSVhiUzVjUWkySytwYWlDWHEybFBFR013K2swQmF2Z1o2b21vZFRML2VEaVJueHh0b0I2dzJJeE5na0FlaUVvWEpnOFBhb3BNeXBWZHJBQ3ExYksvV0tpYXNpc1ljekIxWE1FN2E3U3RBQmhqRDBZRHVLM0dLTGtnbklnOGtUOEpXVmhMU1NCakQ4T25ycUJWdWY2c1UyK2h0VkZrZUN6amh6VW5aMHBYZVY3VWRJMitDSlgweXg4VEIrOFkyYzBkWFlMNk91SkdJUHM4YjRUZmd0M0NNMzVwWXJWYms1TUNST3FFaWl3Z2pzTmsxL2t3Qk9WSnRLMnBSeXlDZDNwZk56amxuNURvbG9FclVaNlpOSHp6SWVBZjVZZG1ad3BHWDNCWW5laDJKMHFibVR2bmgzRVREVnJpL3AyVThYWTNrV3ZoTDRibk1KTmJXVXMvK0NMZjQyNUMrbGVZajNDa0ZhVVF6NzBzZnZyVjBBTGRGNnpBUW5uR0FBdExxUC9tZkl0SkxMa0tJRDI5L0FNWXpyUmc0TVBna24xWUI4bXFVSDdnSGlFZUkrdVV3S29TZjVHTnhMZ3FQRkpzWndOWDNaUWZDNllJWXB1OEFHbnJxMEJNUlcrS3lJbzBsUWtBNE9ZcDZDcnE5OWk2VDRmZlhkQXlrOUtKNmJjczlxdzJESFJKM3pjTHJSKzhxZUFEWmxUQU42b0liendrWW04RGhFYWpGclVBYXova0JmRmwvbFMwbGdFREVvU2JiaVZmZGdBSk0wNlJXdEtpM3I0aG42MTNUZ2tlSXhJNW1uTXNPLysxdmdJaTZBdDBvbDRvNzNkOEoxcC85MWltOC9tcTA0dGFtOFkyYTZXRHBBTm1nMVBPV3pPNE12Q2JZZ1lhUEZOa0F3TkZrZ2ptQ0tLczAzdE4wUklIckxMMDd0MzNrQkFFUmdGUlJ0Ly9UWjZDQlBaYkx1dVU1SW0zVldnMmJTT1RqRE1kajJEbmJoWmdXb295bnBhbjhicitCZXI3WFVYVE9hQXBFQ0FZemp0eXY2MjVndnFiNzRtbEMzOU50NUVuUVNMM1NnWmk0WW0zNEZjWmJ1Z3U4bTEybkhSTnBrVVJlNmcwN2Q4N1RjWTRVUlJCQWljb0ZRTWc0alc2aEFZQ2JIVWl4cWxwVHd2VjhwSWowbDNOS052YytQNmtiRmlsQkxVV213bUNIaEdKd1FOWnBxdHlObFY1WEpWanJHbEMvVG1wa1BnQm9HOEorMnRoSzlCL0c1VmRYSWlxd3I1S0J3R1dyZU43VHNINVlMU2lCcTV3cEp2cHZhMDNsMGFSRHRGRWttSTBING9zdEhEVWRQM0VLZEg3N1MxdU9uK1Zobkh6M1NJdmQ1Mk9KZjVwT1hjRlA5VkU1Z0FlSkpnR2lGUzcyUlpockRDTGdJaXpWNkJoSWx2YVV5em9hS3pFcklZMVkvT2xBWVVyZEdwOEtXSWdNMHd2TU02bDNNanI0aHlpVElZOGJheXg2UWJCT2ZpQlF0MTRERDBzVXVCSjZjUi9udTNibWIxbU1uQUVNSU4xZmhjdExqNXpZMGw1RlIzd295QnJ6Tm9XUkNHZ0tjWnhmUEZ0cTlicDN3RzkrZEVvSFRMVnJTNURBb1VUNWp5dUhhRjg3YmRsTjFRQU4xWmFadGtDek96VUM3WkRxMXhxblBpbVZNNmZ1MTQvQ2V4; FedAuth2=UzNhZlNWZU9LUlBuWTdXTlFBbzQ4TDN1dVV5Q0JUdVZMallaZEhkWSs3Ky9vNkpBNE1UNWN2ckxHZ1AzUmx6a2tSeHdrU2wrZTBjRGhIYnBDK2FCUk5JSE1ZYk0vS0o4MFR4VGl3V3ZZQzBwS285UGNXajgzN2FuekIrNkZ5MmNmU1NvOEZvbklXS2xEcWZ0VnRPbEo2ZS9Ua21pUWUrVTZsajBHWmpXQWR4dWFNZ3J2ZUpRK3d5bnlUZHFrcGdDTVNjR25YR21CaStSemY5OFJHTE8xMnAxaklOUEViOTBEUVo1azhnY2xqZVo1WmszYm5lSmxhdWY0WS95cnp5VENlTGtRdWlKYUdPb3NFNmlvM2pMOENZZ1NhdEkzTlRoS0VkeVROdnlXenNYMkQ1M215N3R5Q2w1UmppaFYrZ2ZBT1cxZXZtbElldlNaNE81RVRIMVpORkgwdTRvLzRXWFZ6QmJZRGxENzQ0SEcwUWNLWW1rdmNETDV0STZveTBrOG5mMVNza25GUjhUL1g1K2wxM1FzbUQyV2tzYXpGK1FsZDhtaVZhSTQ5ak1ERW85dHJtTTlXYkxOaVZFT0NDTTMyODdKZGpNSDF2UmJ4QkljSFFjREdDdGdOSnlmVG12cGRVVTRCQ3YxWGQza08xSlFzRUVnOS9Na09pWm01RlZYQktUaSthOXgrNnJjcG9RRTRyUjRUK1gvTlVYUm1GV2RLUU82WTNBNEtrUnlKZGgrcVpRZmNYWmROaUtId1NnQTVhSFhPdzJkOStOditBU0YwZUlTcDRQT05WQ1ZDNkJxT1VaSFIxN2FjR09SRTRvUjFvTmRKcmc0bTVjdVo4Ukk0UEcrUm5ZMjF1SjZNZnVGRmtjQncyU3Jxb3lVYjlsZUd1SWJQdVExNGEyNnljRm1BRFlJRU5QS1l6eCtsL2RzQWxsemNKWWdvM0pOSFlVbHN4dEhGNzlqYmRGSFh1c2xOLzI1TTBjQ2hMbkNteGRDOEJNNVNDcGUzdjE0YVM2aWEzeVBvTlcrS0lxd0lydDZSczN4U3ptcXU0bkZ4V3Q0MllnbVlrMzJoY1ZMbW5CZE5rRzlGMml3RkEvWDY5S2lPbVhSZElDQ2ZvVFdsN3VMLzArdHRKS1J1R2FuN0xSR1NjNWNLck5wd2ZiZ3hXVDNka3lIWEt0R3hZVDM4N0t3aUNnZ0ZVckNSdWtoa3FPQ0JnOG9yblUvZlRCUWFRblNYZlBlQkE0aEJHRzRHeCtSPC9Db29raWU+PC9TZWN1cml0eUNvbnRleHRUb2tlbj4=; mp_0e041fed25fecabf68442f734357fbfe_mixpanel=%7B%22distinct_id%22%3A%20%22eac28352-4fed-e611-80f1-005056b81d24%22%2C%22usertype%22%3A%20%22InternalEmployee%22%2C%22impersonating%22%3A%20false%2C%22viewport-width%22%3A%201680%2C%22viewport-height%22%3A%20417%2C%22%24initial_referrer%22%3A%20%22https%3A%2F%2Fbd3.dev.foobar.local%2F%22%2C%22%24initial_referring_domain%22%3A%20%22bd3.dev.foobar.local%22%7D; mp_mixpanel__c=0"
            },
            {
              "name": "Connection",
              "value": "keep-alive"
            }
          ],
          "queryString": [],
          "cookies": [
            {
              "name": "FedAuth",
              "value": "77u/PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0idXRmLTgiPz48U2VjdXJpdHlDb250ZXh0VG9rZW4gcDE6SWQ9Il9jOTE1MGYyZS1mMDZlLTQ0Y2YtYjk2Ny1hOTQxZmJlODUxMDMtOThGNzgxNDg4NEQ5QThGRkMzNzg2RTE5MTQ4M0YwMTIiIHhtbG5zOnAxPSJodHRwOi8vZG9jcy5vYXNpcy1vcGVuLm9yZy93c3MvMjAwNC8wMS9vYXNpcy0yMDA0MDEtd3NzLXdzc2VjdXJpdHktdXRpbGl0eS0xLjAueHNkIiB4bWxucz0iaHR0cDovL2RvY3Mub2FzaXMtb3Blbi5vcmcvd3Mtc3gvd3Mtc2VjdXJlY29udmVyc2F0aW9uLzIwMDUxMiI+PElkZW50aWZpZXI+dXJuOnV1aWQ6ZmY0ZGE3M2ItNTU0Zi00Y2FiLWI5ZDgtYjQ0MzZjMGVlZDkwPC9JZGVudGlmaWVyPjxDb29raWUgeG1sbnM9Imh0dHA6Ly9zY2hlbWFzLm1pY3Jvc29mdC5jb20vd3MvMjAwNi8wNS9zZWN1cml0eSI+NzlYMTRZRUJXa3hHT2o1bDVGbWhUYXQ5RXpNb3lQSy9kaEd3cEFsNXAyOGVaVkZYbUFlMys2ZVN0bzE4MDVkd2xKVTZJMHpnSWs4V05qenpzRXZMMFJvQ2dBd09nY1FBYmVKUEhKMmRSK084ZTgyTkcxUloyM24vMFFvTlBLWnRiOE1BZEIrZ2tNUFY0KzhNUzRTL2hRbkV6eVVIcTh3QTFPMzdyZE1DSks2ZVd5WE1saVhsNHN0a2tkVTQ1YU1MajBTSGVJUU50SlNQSzRIdGxDQzlrS1lvQzN1V0gyNEMyVlFlR2tLYjhnaFBsTVNOcExYYkFlMVdhalVGV3ZXTVdZcHBITUdtSW5kMTVFRTZLVzdMRE5JU3Z0OWJGY2ZsRXNNTFJ3ZDNoTDJ6elR5ZzdiMFY2VFNiN3VXNXkrYnBGQUwzNTd1blNTV1c2NlVQOTRFT1NBRGlSYmN5QU9PVll2bVpSSmVFb25iVHliYTF0dEVuZ2NXd3o5YWZnNGlPSUZFNEs0anhBTkN2dkNTZDRkZHNBSHAycGpwOXJjdVhSc3c2WGdDMEFrR3Q1REdLN2JxemlRMEJ2ejZOMFVHVHdHbldJNXhqbmJaeEVuZEk0SXp3ME9yRVlPdUg1RXNjczNkakZzSzlrQ2EyN3ZRM014ZjArVVVkWlYrZVR2My90Vk0xTHYwRnhidkpScXgwK2FQMGZsVzFYWFM2Nm5OTGVKbHdJZk9peG5wbzBXcCswWEFTajBMMS9rV1pycWtGZXdMVG5QaE9NaFVzM09Qdllaa1A3MTVzSUFIT3hibktXYlltV2FWelNtSVBHZTdVYXRERm03NWFTQUtSMmFjRWorMEFHMjgrbzdKOWsrdGdIbTVCbEFRdjJ2VFh6ZmQwVXRRMXEvU0FFVGxxYWJoOUo2QkhocWpVbXJtb1hnZ3Q0bVlxSWJxbnYvNE5sV0d5eVloZ0xwT3JxOGsrazJUWFFsMDZDQkRwMG9YRTFFOEh6UGxKRHBCUVAzYjNDd2NqUlVPK1pQWUpBN3NoWWN1bFZrRkYrZ1VDTyt1Um1IaXYwQVI2MEZkd0ErbUxVSG1DZjlOQWJYNHh4dXo0aHl6UFpEVXJCSHBKLytlV2ZtUUFkWEk4OFdqS1FVYnZWclhyUU9wamplZWZDcFN5SEpENTNHUm5Nb1dpajQrWEsxSkY5OWsyTEpOUGNqTlVobUVZSkdUMnpFVDA3cHlxT0xnd3EvSTlvQmw5OUQzcjJieFlHWitUTWlFRUg3eWpIcnZCM2d2K3ZvbFhCRG8xWGcxOENNd2RlRmpaajBEN2pqSU9vTEcwN0lHbGh0d3AzS1V2KzV6ekNHTWVNM0ZkSmsySUJ6bGo2cDZJdVFxZVhJYkN5YXVlTjExMjUvQkVmRWUvSFRs",
              "expires": null,
              "httpOnly": false,
              "secure": false
            },
            {
              "name": "FedAuth1",
              "value": "QmVLVEhyb29GMHJ2VFRuUDJBOVpwdWtuVE5qTnA4NDNHT1RUb0Q2YjdzRzFxNlZ2eGtGUUdZNnd3VWpEQitHakI3TUxsTmFsb056Z1RQSUttbjZIcHIweHJUZmQyNlJvMlVzSXlpVjRndWtTTjI2dlVkelFEd3cyNWgzWlhwWmEwOWcyaENCWGNISnlvWGRRd3htS0s5STZUQiswSVlMYmhQNlIzbyt5MTdlaHg1c1FNQU5RSUZzcE1wb2svUDE3VlpMYjB2TWlweHIzNXUvdnREOHBRSVhiUzVjUWkySytwYWlDWHEybFBFR013K2swQmF2Z1o2b21vZFRML2VEaVJueHh0b0I2dzJJeE5na0FlaUVvWEpnOFBhb3BNeXBWZHJBQ3ExYksvV0tpYXNpc1ljekIxWE1FN2E3U3RBQmhqRDBZRHVLM0dLTGtnbklnOGtUOEpXVmhMU1NCakQ4T25ycUJWdWY2c1UyK2h0VkZrZUN6amh6VW5aMHBYZVY3VWRJMitDSlgweXg4VEIrOFkyYzBkWFlMNk91SkdJUHM4YjRUZmd0M0NNMzVwWXJWYms1TUNST3FFaWl3Z2pzTmsxL2t3Qk9WSnRLMnBSeXlDZDNwZk56amxuNURvbG9FclVaNlpOSHp6SWVBZjVZZG1ad3BHWDNCWW5laDJKMHFibVR2bmgzRVREVnJpL3AyVThYWTNrV3ZoTDRibk1KTmJXVXMvK0NMZjQyNUMrbGVZajNDa0ZhVVF6NzBzZnZyVjBBTGRGNnpBUW5uR0FBdExxUC9tZkl0SkxMa0tJRDI5L0FNWXpyUmc0TVBna24xWUI4bXFVSDdnSGlFZUkrdVV3S29TZjVHTnhMZ3FQRkpzWndOWDNaUWZDNllJWXB1OEFHbnJxMEJNUlcrS3lJbzBsUWtBNE9ZcDZDcnE5OWk2VDRmZlhkQXlrOUtKNmJjczlxdzJESFJKM3pjTHJSKzhxZUFEWmxUQU42b0liendrWW04RGhFYWpGclVBYXova0JmRmwvbFMwbGdFREVvU2JiaVZmZGdBSk0wNlJXdEtpM3I0aG42MTNUZ2tlSXhJNW1uTXNPLysxdmdJaTZBdDBvbDRvNzNkOEoxcC85MWltOC9tcTA0dGFtOFkyYTZXRHBBTm1nMVBPV3pPNE12Q2JZZ1lhUEZOa0F3TkZrZ2ptQ0tLczAzdE4wUklIckxMMDd0MzNrQkFFUmdGUlJ0Ly9UWjZDQlBaYkx1dVU1SW0zVldnMmJTT1RqRE1kajJEbmJoWmdXb295bnBhbjhicitCZXI3WFVYVE9hQXBFQ0FZemp0eXY2MjVndnFiNzRtbEMzOU50NUVuUVNMM1NnWmk0WW0zNEZjWmJ1Z3U4bTEybkhSTnBrVVJlNmcwN2Q4N1RjWTRVUlJCQWljb0ZRTWc0alc2aEFZQ2JIVWl4cWxwVHd2VjhwSWowbDNOS052YytQNmtiRmlsQkxVV213bUNIaEdKd1FOWnBxdHlObFY1WEpWanJHbEMvVG1wa1BnQm9HOEorMnRoSzlCL0c1VmRYSWlxd3I1S0J3R1dyZU43VHNINVlMU2lCcTV3cEp2cHZhMDNsMGFSRHRGRWttSTBING9zdEhEVWRQM0VLZEg3N1MxdU9uK1Zobkh6M1NJdmQ1Mk9KZjVwT1hjRlA5VkU1Z0FlSkpnR2lGUzcyUlpockRDTGdJaXpWNkJoSWx2YVV5em9hS3pFcklZMVkvT2xBWVVyZEdwOEtXSWdNMHd2TU02bDNNanI0aHlpVElZOGJheXg2UWJCT2ZpQlF0MTRERDBzVXVCSjZjUi9udTNibWIxbU1uQUVNSU4xZmhjdExqNXpZMGw1RlIzd295QnJ6Tm9XUkNHZ0tjWnhmUEZ0cTlicDN3RzkrZEVvSFRMVnJTNURBb1VUNWp5dUhhRjg3YmRsTjFRQU4xWmFadGtDek96VUM3WkRxMXhxblBpbVZNNmZ1MTQvQ2V4",
              "expires": null,
              "httpOnly": false,
              "secure": false
            },
            {
              "name": "FedAuth2",
              "value": "UzNhZlNWZU9LUlBuWTdXTlFBbzQ4TDN1dVV5Q0JUdVZMallaZEhkWSs3Ky9vNkpBNE1UNWN2ckxHZ1AzUmx6a2tSeHdrU2wrZTBjRGhIYnBDK2FCUk5JSE1ZYk0vS0o4MFR4VGl3V3ZZQzBwS285UGNXajgzN2FuekIrNkZ5MmNmU1NvOEZvbklXS2xEcWZ0VnRPbEo2ZS9Ua21pUWUrVTZsajBHWmpXQWR4dWFNZ3J2ZUpRK3d5bnlUZHFrcGdDTVNjR25YR21CaStSemY5OFJHTE8xMnAxaklOUEViOTBEUVo1azhnY2xqZVo1WmszYm5lSmxhdWY0WS95cnp5VENlTGtRdWlKYUdPb3NFNmlvM2pMOENZZ1NhdEkzTlRoS0VkeVROdnlXenNYMkQ1M215N3R5Q2w1UmppaFYrZ2ZBT1cxZXZtbElldlNaNE81RVRIMVpORkgwdTRvLzRXWFZ6QmJZRGxENzQ0SEcwUWNLWW1rdmNETDV0STZveTBrOG5mMVNza25GUjhUL1g1K2wxM1FzbUQyV2tzYXpGK1FsZDhtaVZhSTQ5ak1ERW85dHJtTTlXYkxOaVZFT0NDTTMyODdKZGpNSDF2UmJ4QkljSFFjREdDdGdOSnlmVG12cGRVVTRCQ3YxWGQza08xSlFzRUVnOS9Na09pWm01RlZYQktUaSthOXgrNnJjcG9RRTRyUjRUK1gvTlVYUm1GV2RLUU82WTNBNEtrUnlKZGgrcVpRZmNYWmROaUtId1NnQTVhSFhPdzJkOStOditBU0YwZUlTcDRQT05WQ1ZDNkJxT1VaSFIxN2FjR09SRTRvUjFvTmRKcmc0bTVjdVo4Ukk0UEcrUm5ZMjF1SjZNZnVGRmtjQncyU3Jxb3lVYjlsZUd1SWJQdVExNGEyNnljRm1BRFlJRU5QS1l6eCtsL2RzQWxsemNKWWdvM0pOSFlVbHN4dEhGNzlqYmRGSFh1c2xOLzI1TTBjQ2hMbkNteGRDOEJNNVNDcGUzdjE0YVM2aWEzeVBvTlcrS0lxd0lydDZSczN4U3ptcXU0bkZ4V3Q0MllnbVlrMzJoY1ZMbW5CZE5rRzlGMml3RkEvWDY5S2lPbVhSZElDQ2ZvVFdsN3VMLzArdHRKS1J1R2FuN0xSR1NjNWNLck5wd2ZiZ3hXVDNka3lIWEt0R3hZVDM4N0t3aUNnZ0ZVckNSdWtoa3FPQ0JnOG9yblUvZlRCUWFRblNYZlBlQkE0aEJHRzRHeCtSPC9Db29raWU+PC9TZWN1cml0eUNvbnRleHRUb2tlbj4=",
              "expires": null,
              "httpOnly": false,
              "secure": false
            },
            {
              "name": "mp_0e041fed25fecabf68442f734357fbfe_mixpanel",
              "value": "%7B%22distinct_id%22%3A%20%22eac28352-4fed-e611-80f1-005056b81d24%22%2C%22usertype%22%3A%20%22InternalEmployee%22%2C%22impersonating%22%3A%20false%2C%22viewport-width%22%3A%201680%2C%22viewport-height%22%3A%20417%2C%22%24initial_referrer%22%3A%20%22https%3A%2F%2Fbd3.dev.foobar.local%2F%22%2C%22%24initial_referring_domain%22%3A%20%22bd3.dev.foobar.local%22%7D",
              "expires": null,
              "httpOnly": false,
              "secure": false
            },
            {
              "name": "mp_mixpanel__c",
              "value": "0",
              "expires": null,
              "httpOnly": false,
              "secure": false
            }
          ],
          "headersSize": 6224,
          "bodySize": 0
        },
        "response": {
          "status": 400,
          "statusText": "Bad Request",
          "httpVersion": "HTTP/1.1",
          "headers": [
            {
              "name": "Date",
              "value": "Fri, 01 Sep 2017 12:17:46 GMT"
            },
            {
              "name": "Server",
              "value": "nginx/1.11.13"
            },
            {
              "name": "Connection",
              "value": "keep-alive"
            },
            {
              "name": "Content-Length",
              "value": "0"
            }
          ],
          "cookies": [],
          "content": {
            "size": 0,
            "mimeType": "text/plain",
            "compression": 0
          },
          "redirectURL": "",
          "headersSize": 131,
          "bodySize": 0,
          "_transferSize": 131
        },
        "cache": {},
        "timings": {
          "blocked": 0.641999999061227,
          "dns": -1,
          "connect": -1,
          "send": 0.16999999934341703,
          "wait": 99.77200000139436,
          "receive": 0.8779999989199609,
          "ssl": -1
        },
        "serverIPAddress": "127.0.0.1",
        "connection": "15855",
        "pageref": "page_1"
      }
    ]
  }
}

Graylog Version: Graylog v2.3.1
Elasticsearch Version: 5.5
MongoDB Version: 3
Operating System: CentOS 7
Browser version: Version 60.0.3112.113 (Official Build) (64-bit)

joschi pushed a commit that referenced this issue Sep 6, 2017
The configuration settings `rest_max_initial_line_length` and `web_max_initial_line_length`
were incorrectly used in `JerseyService` to specify the maximum size of HTTP request headers.

The correct configuration settings to use are `rest_max_header_size` and `web_max_header_size`.

Since there are no equivalent settings in Grizzly (as opposed to Netty's HTTP handler, from
which these settings have been carried over), the incorrectly used settings have been removed.

Fixes #4118
Refs #1613
@ghost ghost assigned joschi Sep 6, 2017
@ghost ghost added the in progress label Sep 6, 2017
@joschi
Copy link
Contributor

@joschi joschi commented Sep 6, 2017

@Aenima4six2 The HTTP request headers are too large to fit the default of 4096 bytes.

Try increasing rest_max_initial_line_length and web_max_initial_line_length to an appropriate value, e. g. 8192 or higher.

Additionally, the rest_max_header_size and web_max_header_size settings have been used incorrectly in Graylog. This will be fixed in #4128.

Loading

@joschi joschi added this to the 2.4.0 milestone Sep 6, 2017
dennisoelkers added a commit that referenced this issue Sep 11, 2017
…4128)

The configuration settings `rest_max_initial_line_length` and `web_max_initial_line_length`
were incorrectly used in `JerseyService` to specify the maximum size of HTTP request headers.

The correct configuration settings to use are `rest_max_header_size` and `web_max_header_size`.

Since there are no equivalent settings in Grizzly (as opposed to Netty's HTTP handler, from
which these settings have been carried over), the incorrectly used settings have been removed.

Fixes #4118
Refs #1613
@ghost ghost removed the in progress label Sep 11, 2017
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
Linked pull requests

Successfully merging a pull request may close this issue.

None yet
3 participants