OpenCTI-Platform / opencti

Open Cyber Threat Intelligence Platform
https://opencti.io

OpenCTI TAXII server returns HTTP 200 OK for bad credentials instead of HTTP 403 #8946

Open aHenryJard opened 2 weeks ago

aHenryJard commented 2 weeks ago

Description

The OpenCTI TAXII server returns HTTP 200 OK for bad credentials instead of HTTP 403.

The consequence is that when using OpenCTI as a TAXII client against another OpenCTI instance, there is no error, so there is no error log to understand the issue.

Environment

  1. OS (where OpenCTI server runs):
  2. OpenCTI version: 6.3.11
  3. OpenCTI client:
  4. Other environment details:

Reproducible Steps

Steps to create the smallest reproducible scenario:

  1. Create a TAXII server on one instance that is not public
  2. Call the URL with curl using wrong authentication data

Expected Output

Expect an HTTP 403 Forbidden error

Actual Output

HTTP 200 OK, with the OpenCTI login page as HTML in the response body

Additional information

Please also check other TAXII server errors (like 500).

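The failure mode reported above (a 2xx status carrying an HTML login page, later a bare 500) is exactly what a TAXII client must not trust. The following is an added example written for this discussion; it is not OpenCTI's code and not part of the issue. It shows two things: the shape of a rejection a TAXII 2.1 server should send for bad credentials (a 401 or 403 with a `application/taxii+json;version=2.1` error object, the 401 carrying `WWW-Authenticate`; TAXII 2.1 distinguishes 401 for missing or invalid credentials from 403 for a valid identity without permission), and a client-side check that refuses a response unless the status, the content type and the JSON body all agree. The sample responses are constructed, not captured from an OpenCTI instance; the realm name and the `example.invalid` API root are placeholders.

```python
"""Client-side validation of TAXII 2.1 responses (added example, not OpenCTI code)."""
import json
from dataclasses import dataclass
from typing import Dict, Optional, Tuple

TAXII_MEDIA_TYPE = "application/taxii+json;version=2.1"


@dataclass
class Verdict:
    ok: bool
    reason: str
    payload: Optional[dict] = None


def build_auth_rejection(status: int = 401, title: str = "Unauthorized") -> Tuple[int, Dict[str, str], bytes]:
    """Spec-style rejection a TAXII server should send for bad credentials.

    Returns (status, headers, body). The body is a TAXII 2.1 error object, so a
    client that parses the payload sees the failure even if it ignores headers.
    """
    headers = {"Content-Type": TAXII_MEDIA_TYPE}
    if status == 401:
        headers["WWW-Authenticate"] = 'Basic realm="taxii"'  # realm name is an assumption
    body = json.dumps({"title": title, "http_status": str(status)}).encode()
    return status, headers, body


def check_taxii_response(status: int, headers: Dict[str, str], body: bytes) -> Verdict:
    """Decide whether a TAXII response is usable without trusting HTTP 200 alone."""
    lowered = {k.lower(): v for k, v in headers.items()}  # header names are case-insensitive
    content_type = lowered.get("content-type", "").lower()

    if status in (401, 403):
        return Verdict(False, f"credentials rejected (HTTP {status})")
    if status >= 400:
        return Verdict(False, f"server failure (HTTP {status})")
    if not content_type.startswith("application/taxii+json"):
        # The failure mode from the issue: 200 OK carrying the HTML login page.
        return Verdict(False, f"HTTP {status} with non-TAXII body ({content_type or 'no content type'})")
    try:
        payload = json.loads(body)
    except ValueError:
        return Verdict(False, "TAXII content type but body is not JSON")
    if not isinstance(payload, dict):
        return Verdict(False, "unexpected JSON shape")
    if "title" in payload and "http_status" in payload:
        # A TAXII error object returned under a 2xx status is still a failure.
        return Verdict(False, f"TAXII error object: {payload['title']}")
    return Verdict(True, "ok", payload)


# Constructed sample responses (not captured from a real OpenCTI instance).
BUGGY_200_LOGIN_PAGE = (200, {"Content-Type": "text/html; charset=utf-8"},
                        b"<!DOCTYPE html><html><body><form>login</form></body></html>")
BUGGY_500 = (500, {"Content-Type": "text/html"}, b"Internal Server Error")
GOOD_DISCOVERY = (200, {"Content-Type": TAXII_MEDIA_TYPE},
                  json.dumps({"title": "TAXII Server",
                              "api_roots": ["https://example.invalid/taxii2/root1/"]}).encode())


def run_samples() -> Dict[str, bool]:
    """Classify every sample; only the well-formed discovery response passes."""
    return {
        "buggy_200": check_taxii_response(*BUGGY_200_LOGIN_PAGE).ok,
        "buggy_500": check_taxii_response(*BUGGY_500).ok,
        "spec_401": check_taxii_response(*build_auth_rejection()).ok,
        "spec_403": check_taxii_response(*build_auth_rejection(403, "Forbidden")).ok,
        "good": check_taxii_response(*GOOD_DISCOVERY).ok,
    }


if __name__ == "__main__":
    for name, sample in [("buggy_200", BUGGY_200_LOGIN_PAGE), ("buggy_500", BUGGY_500),
                         ("spec_401", build_auth_rejection()), ("good", GOOD_DISCOVERY)]:
        verdict = check_taxii_response(*sample)
        print(f"{name}: ok={verdict.ok} ({verdict.reason})")
```

The content-type and body checks are what turn the silent failure in the issue into a logged error on the client side: with the server behaviour reported above, `check_taxii_response` rejects the 200 response because its body is `text/html`, and rejects the later 500 because it is a 5xx, so neither is mistaken for an empty but successful collection poll.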

aHenryJard commented 4 days ago

Not sure why, but I think the behavior has changed: it is now sending an HTTP 500. But that is still not the right HTTP code; it should just be Forbidden.