This program was created in response to a security incident disclosed by Okta, where an adversary was able to access HAR (HTTP Archive) files shared by Okta's customers with their Customer Support team. These HAR files may have included sensitive session cookies, which could be exploited to hijack user sessions. The incident highlights the importance of scrutinizing the contents of HAR files before sharing them with third parties, even for debugging or customer support purposes.
This tool scans HAR files to identify potential session cookies that may be unsafe to share with third parties. By flagging these cookies, the program aims to prevent the inadvertent sharing of sensitive information.
No dependencies are needed. Simply clone the repo and compile the cmd/har-sanitize/main.go file.
Run go install:
go install github.com/nmelo/har-sanitize/cmd/har-sanitize@latest
The har-sanitize command will be built and installed in your ~/go/bin. Now you can run har-sanitize <har_file_name>.
Alternatively, you can download a pre-built release from the Releases page. Once downloaded, change permissions to executable and run:
sanitize_har <har_file_name>
Clone the repo:
git clone github.com/nmelo/har-sanitize
Run the program with the following command:
go run cmd/har-sanitize/main.go <har_file_path>
The program will scan all the cookies and headers in all the requests contained in the HAR file, flag and scramble potential session cookies that could be risky to share, and then save a sanitized version of the HAR file.
The program will print any risky session cookies:
go run cmd/har-sanitize/main.go example.har
Unsafe to share: JSESSIONID=CBF969ABF6B1101DC5A9636425425272
Unsafe to share: JSESSIONID=B6DCo89873987234JSDJLHCK32323233
Modified HAR file has been saved as safe_to_share.har
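The scanning step described above, as an added illustration rather than the project's own code: it walks the HAR as generic JSON so fields it does not model survive the round trip, scrambles suspected session cookies both in each request's structured cookies array and in the raw Cookie header (otherwise the header would still leak the value), and reports what it flagged. The name heuristic (`hint`) and the `Sanitize` and `str` functions are assumptions of this example; it is exercised through `Sanitize` rather than a command-line `main`.

```go
package main

import (
	"encoding/json"
	"regexp"
	"strings"
)

// Assumed heuristic (not the project's own rule): a cookie whose name contains one of
// these fragments is treated as a session cookie.
const hint = "sess|sid|token|auth"

var (
	sessionName  = regexp.MustCompile("(?i)" + hint)
	headerCookie = regexp.MustCompile("(?i)([^=;]*(?:" + hint + ")[^=;]*)=[^;]*") // pairs inside a raw Cookie header
)

// str returns m[k] as a string, or "" when the key is absent or not a string.
func str(m map[string]any, k string) string { s, _ := m[k].(string); return s }

// Sanitize walks the HAR as generic JSON (so fields it does not model survive the round trip),
// scrambles suspected session cookies in each request, and returns the new JSON plus flagged pairs.
func Sanitize(raw []byte) (out []byte, flagged []string, err error) {
	var doc map[string]any
	if err = json.Unmarshal(raw, &doc); err != nil {
		return
	}
	log, _ := doc["log"].(map[string]any)
	entries, _ := log["entries"].([]any)
	for _, e := range entries {
		entry, _ := e.(map[string]any)
		req, _ := entry["request"].(map[string]any)
		cookies, _ := req["cookies"].([]any)
		for _, c := range cookies { // structured cookies: report, then scramble
			if ck, _ := c.(map[string]any); sessionName.MatchString(str(ck, "name")) {
				flagged = append(flagged, str(ck, "name")+"="+str(ck, "value"))
				ck["value"] = "REDACTED"
			}
		}
		headers, _ := req["headers"].([]any)
		for _, h := range headers { // the raw header repeats the same values, so scrub it too
			if hd, _ := h.(map[string]any); strings.EqualFold(str(hd, "name"), "Cookie") {
				hd["value"] = headerCookie.ReplaceAllString(str(hd, "value"), "${1}=REDACTED")
			}
		}
	}
	out, err = json.Marshal(doc)
	return
}
```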