Forum Discussion
hooleylist
Sep 21, 2011Cirrostratus
Hi Bill,
I don't think it's practical to implement full XSS detection in an iRule. You could try, but I think you'd always be a few steps behind attackers. iRules don't current provide native methods for handling all of the encoding methods that an attacker could use. Not to give you a sales pitch, but F5 offers the ASM web app firewall. It does provide very complete XSS protection along with a lot of other positive and negative validations for SQL injection, bots, etc. And there are plenty of competitors you could check out as well.
Aaron