Skip to content

Instantly share code, notes, and snippets.

@leenyburger

leenyburger/gist:8004e230509c94f7c5d0731bbc05ee48

Last active October 18, 2022 18:49
Show Gist options

  • Select an option

    Learn more about clone URLs
  • Save leenyburger/8004e230509c94f7c5d0731bbc05ee48 to your computer and use it in GitHub Desktop.

Select an option

Learn more about clone URLs
Save leenyburger/8004e230509c94f7c5d0731bbc05ee48 to your computer and use it in GitHub Desktop.
Download ZIP
Raw
gistfile1.md

File is here in S3: curl -I https://s3.us-east-1.wasabisys.com/static.files-simplefileupload.com/s2fuah5i30wvwd7for7ent2oj8p2 S3 returns a content type of Content-Type: image/jpeg

When the image is requested a GET request is sent to the Rails application which does a redirect_to. There is a WAF in front of *.files-simplefileupload.com. This returns a content type of text/html which is correct (I think)? -> then it hits a second WAF which sits in front of resize-files.simplefileupload.com

Curl the first WAF (redirect) type of text

➜  Developer git:(master) ✗ curl -I "https://cdn-jzo7ptov.files-simplefileupload.com/static/blobs/proxy/eyJfcmFpbHMiOnsibWVzc2FnZSI6IkJBaHBBeG9lQVE9PSIsImV4cCI6bnVsbCwicHVyIjoiYmxvYl9pZCJ9fQ\=\=--0afeccae07753ae47dc2ba989601da489d50d492/0368F3B3-02EC-43CE-A2C8-1AA0EB020598.jpeg"
HTTP/2 404
server: nginx
date: Tue, 18 Oct 2022 18:30:19 GMT
content-type: text/html
x-sucuri-id: 11011
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-download-options: noopen
x-permitted-cross-domain-policies: none
referrer-policy: strict-origin-when-cross-origin
cache-control: no-cache
x-request-id: 806bda73-77ae-4f6c-8b83-92db4a421a83
x-runtime: 0.004962
strict-transport-security: max-age=63072000; includeSubDomains
vary: Origin
via: 1.1 vegur
x-sucuri-cache: MISS

There is a different WAF in front of resize-files.simplefileupload.com. Curl the second WAF (resize-files) content type image (correct)

➜  Developer git:(master) ✗ curl -I "https://cdn-jzo7ptov.resize-files-simplefileupload.com/twPtekYOFtN8fgRNJ61oLUidTEW58kkb1lA_6YCCCso/plain/s3://static.files-simplefileupload.com/s2fuah5i30wvwd7for7ent2oj8p2?cb=3"
HTTP/2 200
server: nginx
date: Tue, 18 Oct 2022 18:47:14 GMT
content-type: image/jpeg
content-length: 1424190
x-sucuri-id: 11007
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
cache-control: max-age=3600, public
content-disposition: inline; filename="s2fuah5i30wvwd7for7ent2oj8p2.jpg"
expires: Tue, 18 Oct 2022 19:39:57 GMT
x-request-id: 5a0d86ec-61fc-4265-aa83-ebe91cf2c187
via: 1.1 vegur
x-sucuri-cache: HIT
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment