Azure POST request redirect using Azure services - azure

Hello, I am trying to deploy my Azure Machine Learning pipeline with a REST endpoint. My problem is that I was able to generate an endpoint, but it has some sensitive information in it (ex: subscription id, resource group, etc). How can I generate a URL that forwards the request body to my Azure ML REST endpoint?
Also, here is an approach I've done:
Used Application Gateway Redirect (this approach didn't forward the request body. It instead turned my POST request into a GET request when it redirected to the correct URL.)

The issue is raised because of some of the default security headers dependent on REST API and web based. Need to set the REST API CSP HEADER. Check the request and response headers in config file of the web application.
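The behaviour described in the question, reproduced on loopback as an added example (not code from the post or from any Azure service): a 302-style redirect makes a standard HTTP client re-issue the POST as a bodyless GET and discloses the target URL, while a reverse proxy replays the POST server-side. The two local servers, `SENSITIVE_PATH` and the `/redirect` and `/proxy` routes are constructed stand-ins.

```python
import threading
import urllib.request
from http.server import BaseHTTPRequestHandler, ThreadingHTTPServer

# Constructed placeholder for an endpoint path embedding subscription details.
SENSITIVE_PATH = "/subscriptions/SUB_ID/resourceGroups/RG_NAME/score"
OPENER = urllib.request.build_opener(urllib.request.ProxyHandler({}))  # no env proxies

class Base(BaseHTTPRequestHandler):
    def body(self):
        return self.rfile.read(int(self.headers.get("Content-Length") or 0))
    def reply(self, status, payload=b"", **headers):
        self.send_response(status)
        for name, value in {"Content-Length": len(payload), **headers}.items():
            self.send_header(name, str(value))
        self.end_headers()
        self.wfile.write(payload)

class Backend(Base):
    def do_GET(self):  # echo the method and body that actually arrived
        self.reply(200, self.command.encode() + b"|" + self.body())
    do_POST = do_GET

class Front(Base):
    backend_url = ""  # held server-side only
    def do_POST(self):
        data = self.body()
        if self.path == "/redirect":  # 302: the client re-sends on its own
            return self.reply(302, Location=self.backend_url)
        req = urllib.request.Request(self.backend_url, data=data, method="POST")
        with OPENER.open(req, timeout=5) as resp:  # proxy: replay, then relay
            self.reply(resp.status, resp.read())

def serve(handler):
    srv = ThreadingHTTPServer(("127.0.0.1", 0), handler)
    threading.Thread(target=srv.serve_forever, daemon=True).start()
    return srv

def run_demo(payload=b'{"x": 1}'):
    back, front = serve(Backend), serve(Front)
    Front.backend_url = f"http://127.0.0.1:{back.server_port}{SENSITIVE_PATH}"
    results = {}
    for route in ("redirect", "proxy"):
        url = f"http://127.0.0.1:{front.server_port}/{route}"
        req = urllib.request.Request(url, data=payload, method="POST")
        with OPENER.open(req, timeout=5) as resp:  # (echo, backend URL exposed?)
            results[route] = (resp.read(), SENSITIVE_PATH in resp.geturl())
    for srv in (back, front):
        srv.shutdown()
    return results
```

A 307 or 308 redirect would keep the method and body, but the client would still learn the backend URL from the `Location` header, so only the proxy route keeps it hidden.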

Related

Allowing HTTP Header Content Type */* in Azure WAF Rules

I am trying to call the Azure-hosted API endpoint using a 3rd party application. Application sends the HTTP request with the header values ContentType = "*/*";
Azure Application Gateway WAF blocks the request showing the below diagnostics logs.
I am aware that I can add an exclusion in the Web Application Firewall settings; however, I am not able to extract the Request Header Name since the logs do not show the value due to the wildcard (ContentType = "*/*";) content type sent by the 3rd party app.
I added the below rule, but it is still blocking the request.
How can I allow the request via the AGW?
Please find the logs below.
Thanks in advance.

Azure API Management Log Backend Request to App Insights?

Within the area of the APIM Policy, using emit-metric to send the original call and client IP address to App Insights. I cannot find how to send the URI that is sent to the backend, which will not be the same as the original URI call due to transformations in the Policy.
Should the logging go into the section?
Cannot seem to find the spot in the docs.
Thanks.

How to capture request header in azure web app

I'm currently running a windows azure web app behind an application gateway v2.
I would like to use header information for x-forwarded-host or x-original-host - but it does not work.
Now I'd like to trace what request headers are actually received by the web app. I'm trying network-capturing. But as the whole traffic is HTTPs - I guess I'm not seeing all the fields.
Any idea?
You can configure application gateway to modify request and response headers and URL by using Rewrite HTTP headers and URL or to modify the URI path by using a path-override setting. However, unless configured to do so, all incoming requests are proxied to the backend.
For more details, you can read the official document.

azure api management soap to rest feature

I'm trying to expose my SOAP service as REST using azure API management SOAP to REST feature.
The WS imports, exposes my services and works fine, but all generated REST services are exposed with the POST verb. When I try to change the method GetUsers to the GET verb, for example, the content does not load (I receive an OK, but without content). When I try keeping the method with the POST verb, the content loads.
Is this possible? Can I change an HTTP verb from an originally SOAP service that was exposed as REST using Azure Management API?
Thanks.
You should be able to resolve that by adding a set-method policy, so that when APIM receives a GET request it changes the method to POST before forwarding it to the backend.
Add this to your API Management policy:
<set-method>POST</set-method>

Azure Logic Apps - HTTP Listener

I am working on Logic Apps with HTTP Listener and tried the below option rather than creating an API Controller. Referring to the URL below:
https://azure.microsoft.com/en-us/documentation/articles/app-service-logic-http-endpoint/
I created a Logic App with "HTTP Request" to do the processing and send the response back to the caller. It is working as expected.
But one thing I just wanted to know is: when I create an HTTP Request, it provides a default URL like below,
https://prod-****.logic.azure.com:443/workflows/*******69a5b764/triggers/request/run?api-version=2015-08-01-preview&sp=%2Ftriggers%2Frequest%2Frun&sv=1.0&sig=*****2MCOoTKZU
Shall we define a custom URL instead of the default one, like below?
Please advise.
There are two different approaches you can use to hide the original Logic App URL:
Using Azure API Management (APIM)
Using Azure Functions Proxy (AFP)
Through APIM or AFP, you can hide the SAS token part of the query string, sp, sv and sig, as well as the api-version parameter. Those parameters can be passed through the request header.
By doing so, you can use your own custom URL and hide the SAS token. I've written a blog post about this: https://blog.mexia.com.au/securing-sas-token-from-azure-logic-apps
