HI all, chrome network tab show a fetch not being completed to download .../3.0/etc/passwd
HI all, chrome network tab show a fetch not being completed (pending) to download ...leaningtech.com/3.0/etc/passwd. the error afte a while is:
error_http2_server_refused_stream this happening during loading of the page containing the applet with the cheerpj loading and init
5 Replies
We cannot reproduce any problem with this URL or our runtime in general. Can you provide a reproducible example?
Can you also verify that there are no third-party extensions that might be interfering with CheerpJ.
the loading of cheerjp want to download passwd. I get failure with curl too: curl https://cjrtnc.leaningtech.com/3.0/etc/passwd --ssl-no-revoke give recv failure: connection was reset. but if i do a curl on rt.jar it do downlaod it
i tried on another system and the file download... strange it seems my company is blocking that url specifically for that specific file passwd (maybe passwd is blocked...). thank you
Yes, this seems like a misconfigured company firewall. The file is of course just an internal configuration that Java uses to retrieve the virtual user information, it has no actual impact on security
i suppose you could intercept the request with a service worker?
then you can download it from a different url
thanks all