Invalid entries in the Qlik Sense Enterprise on Windows host allow list on the virtual proxy configuration

While older Qlik Sense Enterprise on Windows versions are lenient on the formatting used for the host allow list in the virtual proxy configuration, the February 2022 edition is the first which strict checking.

A former successful request will now be translated into a 400 bad request. In the Proxy_Audit logs, you will find that the hostname calling the server is not present in the allowed list.

In some cases, this will even happen when the entry is on the list due to misformatted entries in the host allow list, which causes the entire list to not be fully loaded. 

Valid entries are explained here: Creating a virtual proxy

Valid ones are:

• domain.com
• subdomain.domain.com

Incorrect ones are:

• .domain.com
• *.domain.com

Note: We do not recommend listing IP addresses. IP address ranges cannot be added to the allow list.

Environment

Qlik Sense Enterprise on Windows February 2022 and higher

Resolution

Remove additional characters in front of the host allow list entries.

Cause 

From this version, stricter checking has been implemented due to a security issue found with QB-7782. No longer is it permitted to use . (dot) or *. (star dot) in front of a domain name. This will lead to a 400 bad requests.