Allow users to send requests from CMK using POST requests. #161
+17
−3
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
added 2 commits
February 28, 2025 16:17
rohityadavcloud
requested review from
shwstppr,
vishesh92,
Pearl1594 and
sureshanaparti
shwstppr
reviewed
Mar 26, 2025
| @@ -282,6 +284,9 @@ func saveConfig(cfg *Config) *Config { | |||
| core.AutoComplete = true | |||
| core.Output = JSON | |||
| } | |||
| if !conf.Section(ini.DEFAULT_SECTION).HasKey("postrequest") { | |||
| core.PostRequest = true | |||
There was a problem hiding this comment.
default PostRequest is true, so should set to false here when "postrequest" key not present?
There was a problem hiding this comment.
Good point @sureshanaparti. @kevin-lii can you please check this?
shwstppr
reviewed
Apr 8, 2025
| @@ -204,6 +204,8 @@ func NewAPIRequest(r *Request, api string, args []string, isAsync bool) (map[str | |||
| } | |||
| } | |||
| params.Add("response", "json") | |||
| params.Add("signatureversion", "3") | |||
| params.Add(expiresKey, time.Now().UTC().Add(15 * time.Minute).Format(time.RFC3339)) | |||
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Description
Currently, CMK only allows for POST requests and this is a security concern since GET requests may leak the values of the query parameters.
Types of changes
[] Breaking change (fix or feature that would cause existing functionality to change)
[] New feature (non-breaking change which adds functionality)
[] Bug fix (non-breaking change which fixes an issue)
[] Enhancement (improves an existing feature and functionality)
[] Cleanup (Code refactoring and cleanup, that may add test cases)
[] build/CI
[] test (unit or integration test code)
[X] Feature/Enhancement Scale
[] Major
[X] Minor
How Has This Been Tested?
This was tested by manually building CMK and using a proxy to confirm that POST requests are being sent by CMK when the configuration value is set.