Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

fortiosapi: update_cookie issue since upgrade from 7.0.12 to 7.2.6 #79

Open
avlankveld opened this issue Dec 31, 2023 · 1 comment
Open

fortiosapi: update_cookie issue since upgrade from 7.0.12 to 7.2.6 #79

avlankveld opened this issue Dec 31, 2023 · 1 comment

Comments

@avlankveld
Copy link

Since the fortigate upgrade from 7.0.12 to 7.2.6 we noticed a problem with fortiosapi.

When creating an address we now get a 403 error.
we use https port 10443

the name of the Cookie is not
'ccsrftoken'
but
'ccsrftoken_10443'

the result of this is that the session header does not have an X-CSRFTOKEN.

As a workaround, I adjusted the update_cookie routine:

if cookie.name == 'ccsrftoken':
changed to
if cookie.name == 'ccsrftoken' or cookie.name == 'ccsrftoken_10443':

now it works for me....
@cldmkr
Copy link

cldmkr commented Feb 15, 2024

For 7.0.x the issue starts with 7.0.14 (upgraded from 7.0.12; maybe even starts with 7.0.13 already).
Note that the token name is different there, being csrftoken_, so we're checking it like:
if cookie.name == 'ccsrftoken' or cookie.name.startswith('ccsrftoken_'):

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@avlankveld @cldmkr