0.5.2 is being blocked #152
Comments
|
im not familiar with ciscos WAF. my guess is it may not like the file name or type of file for some reason. i do see where they tried newer version and it seems related to #113 though I've yet to figure out what the exact issue there maybe and the reporter said even native zip had issues with his testing. |
|
unfortunately the cisco thing is something I'm trying to understand myself, but basically if it deems a url as hosting malware or file as being malware, it will block access to it. My understanding is cisco maintains a threat database that is used to evaluate what is malware. If it get's reported incorrectly, then the only way to fix it is to have cisco update their database. In regards to the something being wrong with the file name, it's funny because the the following url is allowed https://registry.npmjs.org/archiver/-/archiver-0.15.0-1.tgz. Would there be any differences between the organization of the tar files. My guess is the file would scan correctly now and the blocking is likely just the result of reading a database whose flag is set incorrectly. Thanks for any and all help on this. |
0.5.2 is being reported as malware by Cisco. We are trying to use the ionic framework that has a dependency on version 0.5.2. Unfortunately Ionic tried to update to a later version, which did get past the repo being reported as malware, but broke something else. Can you help us clear this up with Cisco.
wsa : http://www.cisco.com/c/en/us/products/security/web-security-appliance/index.html
url: https://registry.npmjs.org/archiver/-/archiver-0.5.2.tgz
error:
Based on your organization's access policies, this web site ( http://registry.npmjs.org/archiver/-/archiver-0.5.2.tgz ) has been blocked because it has been determined to be a security threat to your computer or the organization's network. Malware in the category Unscannable has been found on this site.
The text was updated successfully, but these errors were encountered: