
Secure HAR File Management with Securely

Overview

In the light of recent security incidents, it has become increasingly clear that HTTP Archive (HAR) files, while invaluable for troubleshooting, can inadvertently become vectors for security breaches. To counteract this threat, we have developed a new HAR sanitizer tool, ensuring secure sharing and handling of HAR files.

Understanding HAR Files

HAR files are JSON-formatted archives capturing a user's interaction with a web application. They can contain sensitive information, such as:

  • Request and Response Headers: Data sent and received during a session, including URLs, cookies, and status codes.

  • Payload Content: The content exchanged between the client and server.

  • Timing Information: Breakdowns of each phase of the request, useful for identifying performance bottlenecks.

The Risks Involved

Despite their utility, HAR files can become an attack vector:

  • Unauthorized Access: A valid session cookie in a HAR file can grant entry to a user's account.

  • Session Hijacking: Attackers can impersonate users.

  • Persistent Exposure: The risk may continue beyond the session duration based on the cookie's lifespan.

  • Gateway to Further Attacks: Attackers could probe for other vulnerabilities.

Introducing the HAR Sanitizer

To mitigate these risks, we introduce our HAR Sanitizer tool, built to strip sensitive session-related information from HAR files attached to your Jira instance.

How It Works

Our tool integrates seamlessly with your Jira workflow:

  1. Attachment Processing: When a HAR file is attached to a Jira issue, our tool automatically processes it.

  2. Attachment Creation: The sanitized HAR file is then attached back to the Jira issue.

  3. Original File Deletion: The original file is deleted after successful sanitization.

Just Enough Sanitization

Our tool is designed to perform "just enough" sanitization, stripping sensitive data while retaining essential information for troubleshooting.
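The idea of "just enough" sanitization, shown as an added example that is not Securely's own code: session-bearing header, cookie and query-parameter values in a HAR are replaced while URLs, status codes and timings stay intact. The deny-lists, the `REDACTED` placeholder, the function names and the sample HAR are assumptions made for this illustration.

```python
import copy
from urllib.parse import parse_qsl, urlencode, urlsplit, urlunsplit

# Deny-lists assumed for this example; they are not the tool's documented defaults.
SENSITIVE_HEADERS = {"cookie", "set-cookie", "authorization", "proxy-authorization"}
SENSITIVE_PARAMS = {"token", "access_token", "id_token", "refresh_token"}
REDACTED = "REDACTED"

def _redact_pairs(pairs, names=None):
    """Replace the value of HAR name/value objects; names=None redacts every pair."""
    hits = 0
    for pair in pairs or []:
        if names is None or pair.get("name", "").lower() in names:
            pair["value"] = REDACTED
            hits += 1
    return hits

def _redact_url(url):
    """Rewrite sensitive query parameters embedded in the request URL itself."""
    parts = urlsplit(url)
    query = [(k, REDACTED if k.lower() in SENSITIVE_PARAMS else v)
             for k, v in parse_qsl(parts.query, keep_blank_values=True)]
    return urlunsplit(parts._replace(query=urlencode(query)))

def sanitize_har(har):
    """Return (sanitized_copy, redaction_count); the input object is untouched."""
    clean, count = copy.deepcopy(har), 0
    for entry in clean.get("log", {}).get("entries", []):
        request, response = entry.get("request", {}), entry.get("response", {})
        for side in (request, response):
            count += _redact_pairs(side.get("headers"), SENSITIVE_HEADERS)
            # HAR keeps parsed cookies in their own array next to the raw headers.
            count += _redact_pairs(side.get("cookies"))
        count += _redact_pairs(request.get("queryString"), SENSITIVE_PARAMS)
        if "url" in request:
            request["url"] = _redact_url(request["url"])
    return clean, count

# Constructed sample: one request carrying a session cookie and a token in the URL.
SAMPLE_HAR = {"log": {"version": "1.2", "entries": [{
    "time": 42.0,
    "request": {
        "method": "GET", "url": "https://app.example.test/api?page=2&token=abc123",
        "headers": [{"name": "Cookie", "value": "sid=s3cr3t"}, {"name": "Accept", "value": "*/*"}],
        "cookies": [{"name": "sid", "value": "s3cr3t"}],
        "queryString": [{"name": "page", "value": "2"}, {"name": "token", "value": "abc123"}]},
    "response": {"status": 200, "cookies": [{"name": "sid", "value": "n3w"}],
                 "headers": [{"name": "Set-Cookie", "value": "sid=n3w; HttpOnly"}]}}]}}
```

Request and response bodies (`postData.text`, `content.text`) can also carry tokens and are not touched by this example, so check them before sharing a file.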

Conclusion

In building this tool, we're ensuring that organizations can continue to benefit from HAR files without compromising security. By automatically sanitizing sensitive information and integrating seamlessly into your existing workflows, we're taking a significant step towards a safer and more secure internet.


Last updated 1 year ago

Secure Sanitization: The tool scrubs sensitive session cookies and tokens, creating a sanitized copy. Please see "What is sanitized" for more detailed information.