You are setting up your Nprinting server on Azure behind an Azure Gateway and are receiving an error 500 when trying to access the NPrinting Web console.
Environment
Qlik NPrinting
Resolution
Disable the following WAF rules in Azure:
# 920270: PL1 : REQUEST_URI, REQUEST_HEADERS, ARGS and ARGS_NAMES
# ASCII 1-255 : Full ASCII range without null character
# 920271: PL2 : REQUEST_URI, REQUEST_HEADERS, ARGS and ARGS_NAMES
# ASCII 9,10,13,32-126,128-255 : Full visible ASCII range, tab, newline
Caution:
Please contact Microsoft Azure support beforehand and make sure it is safe to disable these 2 rules.
Cause
Requests are getting blocked due to the null values in the Request Cookie.
The issue here is Request Header Cookie is outside range of 1-255 and has null character in it.
The null character is a designed mechanism for the Revel framework to manipulate the cookies. The latest Revel version checks for a maximum cookie length of 4096, so NPrinting is not designed to stay below 255 characters.
Max cookie length is 4096 characters in any modern browser (and support for this size is recommended in https://datatracker.ietf.org/doc/html/rfc6265#section-6.1) so both limitations are in fact expected
Related Content
https://docs.microsoft.com/en-us/azure/web-application-firewall/afds/waf-front-door-drs?tabs=drs20
https://github.com/revel/revel/blob/v0.19.0/session.go#L88
https://github.com/revel/revel/blob/v1.0.0/session_adapter_cookie.go#L124
https://datatracker.ietf.org/doc/html/rfc6265#section-6.1)
Internal Investigation ID
QB-3977
.png "Former Employee"){kind=icon}
