Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Missing User-Agent header in Post request to cognito #264

Open
abcJo opened this issue Mar 8, 2024 · 3 comments
Open

Missing User-Agent header in Post request to cognito #264

abcJo opened this issue Mar 8, 2024 · 3 comments

Comments

@abcJo
Copy link

abcJo commented Mar 8, 2024

When using a Congito User Pool with a WAF attached the following scenario occurs:
The post request to exchange the authorization token to Cognito /oauth/token endpoint is blocked by a WAF that contains the AWS managed rule AWSManagedRulesCommonRuleSet.
Specifically, the NoUserAgent_HEADER rule blocks the request.

Is it possible to update the request configurations, so that the User-Agent header is set?
@ottokruse
Copy link
Collaborator

Sure thing, wanna send a PR?

Just inject a default user agent header option here:

cloudfront-authorization-at-edge/src/lambda-edge/shared/shared.ts

Lines 498 to 502 in 612fddc

return await fetch(url, data, {
agent: AGENT,
...options,
method: "POST",
}).then((res) => {

@abcJo
Copy link
Author

abcJo commented Mar 11, 2024

Great.
I'd love to, however, I'm not at all familiar with typescript.
It's probably much faster if you could do it :)
Thanks!

@ottokruse
Copy link
Collaborator

No worries, but I don't know when I'll have bandwidth for it.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@ottokruse @abcJo