Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

cnspec reports different User-Agents depending on destination #1451

Open
philipbalinov opened this issue Oct 11, 2024 · 0 comments
Open

cnspec reports different User-Agents depending on destination #1451

philipbalinov opened this issue Oct 11, 2024 · 0 comments

Comments

@philipbalinov
Copy link

Describe the bug
A single run of cnspec scan local reports multiple User-Agent strings when performing http(s) requests, seemingly based on the URL being called.

To Reproduce
Observed while running cnspec scan local --api-proxy http://localhost:8080 against MITMProxy

Expected behavior
cnspec should report a consistent User-Agent string for all outgoing HTTP requests, for example in the format

User-Agent: PN/<platform> build/<build shorthash> cnspec/<version> cnquery/<version>

Screenshots or CLI Output
I can provide a full flow log from MITMProxy upon request. Here is the relevant information w.r.t. request path and reported user-agent

TLDR; there are three User-agent strings here: Go-http-client/1.1,, PN/linux build/4dd693e cnquery/11.24.0, and mondoo-graphql-client/0.0.1

root@ubuntu:~# grep -aioP  '((path;)(.*?)),|((user-agent,)(.*?),)' cnspec-local-scan-flow.log
path;22:/providers/latest.json,
User-Agent,18:Go-http-client/1.1,
path;20:/PolicyHub/GetBundle,
User-Agent,38:PN/linux build/4dd693e cnquery/11.24.0,
path;33:/PolicyResolver/SynchronizeAssets,
User-Agent,38:PN/linux build/4dd693e cnquery/11.24.0,
path;27:/PolicyHub/GetPolicyFilters,
User-Agent,38:PN/linux build/4dd693e cnquery/11.24.0,
path;36:/PolicyResolver/ResolveAndUpdateJobs,
User-Agent,38:PN/linux build/4dd693e cnquery/11.24.0,
path;28:/PolicyResolver/StoreResults,
User-Agent,38:PN/linux build/4dd693e cnquery/11.24.0,
path;28:/PolicyResolver/StoreResults,
User-Agent,38:PN/linux build/4dd693e cnquery/11.24.0,
path;28:/PolicyResolver/StoreResults,
User-Agent,38:PN/linux build/4dd693e cnquery/11.24.0,
path;28:/PolicyResolver/StoreResults,
User-Agent,38:PN/linux build/4dd693e cnquery/11.24.0,
path;28:/PolicyResolver/StoreResults,
User-Agent,38:PN/linux build/4dd693e cnquery/11.24.0,
path;28:/PolicyResolver/StoreResults,
User-Agent,38:PN/linux build/4dd693e cnquery/11.24.0,
path;28:/PolicyResolver/StoreResults,
User-Agent,38:PN/linux build/4dd693e cnquery/11.24.0,
path;28:/PolicyResolver/StoreResults,
User-Agent,38:PN/linux build/4dd693e cnquery/11.24.0,
path;28:/PolicyResolver/StoreResults,
User-Agent,38:PN/linux build/4dd693e cnquery/11.24.0,
path;28:/PolicyResolver/StoreResults,
User-Agent,38:PN/linux build/4dd693e cnquery/11.24.0,
path;28:/PolicyResolver/StoreResults,
User-Agent,38:PN/linux build/4dd693e cnquery/11.24.0,
path;28:/PolicyResolver/StoreResults,
User-Agent,38:PN/linux build/4dd693e cnquery/11.24.0,
path;28:/PolicyResolver/StoreResults,
User-Agent,38:PN/linux build/4dd693e cnquery/11.24.0,
path;28:/PolicyResolver/StoreResults,
User-Agent,38:PN/linux build/4dd693e cnquery/11.24.0,
path;28:/PolicyResolver/StoreResults,
User-Agent,38:PN/linux build/4dd693e cnquery/11.24.0,
path;28:/PolicyResolver/StoreResults,
User-Agent,38:PN/linux build/4dd693e cnquery/11.24.0,
path;6:/query,
User-Agent,27:mondoo-graphql-client/0.0.1,

Desktop (please complete the following information):

  • OS: Ubuntu
  • OS Version: 22.04
  • Browser if applicable: N/A
  • Browser Version: N/A

Additional context
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@philipbalinov