bjorg235
Jan 03, 2020Altocumulus
irule to reject user defined headers
Hi ,
We have an issue after enabled X-forwarded-for in f5. Dev found a vulnerability thats users allowed able to put code injection by manipulating http headers.May I know if there is any irule to avoid header manipulation. The vulnerability issues are yet to come. i am guessing it could be Clickjacking issues
Any help would be appreciated.