We over here have a DNS discovery interface that unfortunately, to enable the usage of said DNSs with our customers, our default guest policy includes making all services and nodes, including their health check statuses to be viewable to everyone that can.
We want our customers to view the website, so they’ll check their service and nodes statuses alone, and we have token-based authentication for that (for this purpose, although currently it’s not usable due to, well, the monitor being visible to everyone).
Fortunately enough, we found a way to kinda make it work. We found out that the token is saved in the browser’s localstorage, so we want to tamper with that location to create a bypass to the default policy, and create a separate UI policy - with no services or nodes visible, and let the customer log in with his token in a specified window the DNS discovery UI endpoint already has.
Currently we use HAProxy Community edition for port forwarding from 443 to its port, but my question is - is there a possibility to save to localstorage or run a JS script on the client before the forwarding itself happens? and if not, is there another way to do that job? Unfortunately we can’t tamper with the website itself, since it runs from a binary file.