Guest User!

You are not Sophos Staff.

Thread Info
  • State Not Answered
  • +2 person also asked this people also asked this
  • Locked Locked
  • Replies 6 replies
  • Subscribers 30 subscribers
  • Views 19964 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Clientless access does not rewrite html for relative paths

MassimoForni

I have some http/https internal websites exposed via clientless access, but all I can see is the html page and the css/js/img with absolute paths only

I see that every link (https://my.url in this example) is rewritten in to https://FW_FQDN/userportal/CRSSL/https/my.url?csrf=RANDOM_CSRF

This rewrite does not apply to relative paths so <img src="logo.png"> will be resolved by the browser to https://FW_FQDN/logo.png which will fall to a 404

 

I can't believe that no one is using http resources via clientless access and even in Sophos no one tested it...

Thanks



This thread was automatically locked due to age.
Parents
  • 0

    FYI clientless access with HTTP(s) resources does not work.

    There is a known issue (NC-13622, present from XG 15.1.0) about clientless not supporting html forms... So you can't show any input to the use via HTML...

    Also there are two other issues (NC-13570 from XG 16.1.0 and NC-10370 from XG 15.1.0) about not rewriting any relative path resources.

     

    I really don't understand how could Sophos release on production the clientless access where it simply does not work in ANY scenario (for http, I am not talking about RDP, telnet, etc).

    Don't they have a QA dept.?

Reply
  • 0

    FYI clientless access with HTTP(s) resources does not work.

    There is a known issue (NC-13622, present from XG 15.1.0) about clientless not supporting html forms... So you can't show any input to the use via HTML...

    Also there are two other issues (NC-13570 from XG 16.1.0 and NC-10370 from XG 15.1.0) about not rewriting any relative path resources.

     

    I really don't understand how could Sophos release on production the clientless access where it simply does not work in ANY scenario (for http, I am not talking about RDP, telnet, etc).

    Don't they have a QA dept.?

Children
  • 0 in reply to ShunzeLee

    Does RDP (Windows 10) and VNC (to Mac 12.0.3) work?

    Neither of these does work for me, tried all different settings.

    SSH works fine and HTTPS works for some pages.

  • 0 in reply to MassimoForni

    MassimoForni said:

    FYI clientless access with HTTP(s) resources does not work.

    There is a known issue (NC-13622, present from XG 15.1.0) about clientless not supporting html forms... So you can't show any input to the use via HTML...

    Also there are two other issues (NC-13570 from XG 16.1.0 and NC-10370 from XG 15.1.0) about not rewriting any relative path resources.

     

    I really don't understand how could Sophos release on production the clientless access where it simply does not work in ANY scenario (for http, I am not talking about RDP, telnet, etc).

    Don't they have a QA dept.?

     

     

    Any update from Sophos regarding the URL rewrite for NC-13570?  There have been a couple of releases and this fix wasn't in any of them.

  • 0 in reply to AlexRomp

    Sure, the support said those known issues are from v15 and they do not have any release date planned for the fix to the NC-13622

    The other two NC are still under "investigation" ...