
ASM XSS Protection

Hello All,

When configuring ASM, I need to enable Response Signature to block simple XSS such as window.alert.

Please tell me which kinds of XSS can be blocked WITHOUT enabling Response Signatures.

Thank you,

0

Answers to this Question

USER ACCEPTED ANSWER & F5 ACCEPTED ANSWER

I don't believe there are any XSS signatures which apply to responses; they apply only to requests. As for the kind of XSS that can be blocked all we have to go on is the name of the signature since the actual expression cannot be seen.

0
USER ACCEPTED ANSWER & F5 ACCEPTED ANSWER

Your question has many answers, because depending on the case custom signatures may be applied.

Assuming that what we want is to block an XSS that gets printed into a response, such as a "stored XSS" attack:

A quick fix is to enable, under "Negative Security Violations", the option "Data Guard: Information leakage detected".

After activating it, you go to "Security >> Application Security : Data Guard"

And there you set the following:

Data Guard enabled

and, most importantly, Custom Patterns (enabled)

New Pattern: window.alert

and then save it.

With this method, if the XSS was injected, you prevent it from running; it only shows a blocking screen with a support ID, so it is best to stop it in the request, but hey, this would be one way to do what you ask.

0
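The following is an added example, not code from the original post or from F5: a small Python simulation of what a response-side "custom pattern" check like the one configured above does, and of two limits a practitioner should know before relying on it. The pattern list, the toy page, the stored payloads and the support-ID format are all constructed for the example; the assumption that ASM treats a custom pattern as a regular expression (hence the escaped dot) should be verified against your BIG-IP version.

```python
import hashlib
import html
import re
from dataclasses import dataclass
from typing import List, Optional

# Constructed custom-pattern list, modelled on the single "window.alert"
# pattern the answer above adds under Data Guard >> Custom Patterns.
# ASSUMPTION: the pattern is evaluated as a regular expression, so the dot
# is escaped to match a literal period.
CUSTOM_PATTERNS: List[str] = [r"window\.alert"]


@dataclass
class Verdict:
    blocked: bool
    matched: Optional[str]      # pattern that fired, if any
    support_id: Optional[str]   # simulated support ID shown on the block page


def support_id_for(body: str) -> str:
    # Simulated support ID: a deterministic digest of the offending response.
    # This is NOT the format BIG-IP uses; it only stands in for one here.
    return hashlib.sha256(body.encode("utf-8")).hexdigest()[:16]


def scan_response(body: str, patterns: List[str] = CUSTOM_PATTERNS) -> Verdict:
    """Block the response if any custom pattern appears anywhere in its body."""
    for pat in patterns:
        if re.search(pat, body, re.IGNORECASE):
            return Verdict(True, pat, support_id_for(body))
    return Verdict(False, None, None)


def render_comment(comment: str, escape: bool) -> str:
    """Toy page that reflects a stored comment into HTML, with or without
    output encoding. The unescaped branch is the stored-XSS bug."""
    if escape:
        comment = html.escape(comment, quote=True)
    return f"<html><body><p>{comment}</p></body></html>"


# Constructed stored payloads.
STORED_XSS = "<script>window.alert(document.cookie)</script>"
EVASION = '<img src=x onerror="alert(document.cookie)">'


def demo() -> dict:
    """Run the three cases a practitioner should try before trusting the pattern."""
    return {
        # 1. The vulnerable page reflects the payload raw: the pattern fires.
        "raw_stored_xss": scan_response(render_comment(STORED_XSS, escape=False)).blocked,
        # 2. The fixed page HTML-escapes the payload; the text "window.alert"
        #    still appears literally, so the pattern fires on a safe page
        #    (a false positive of response-side pattern matching).
        "escaped_stored_xss": scan_response(render_comment(STORED_XSS, escape=True)).blocked,
        # 3. A payload that calls alert() without "window." is not matched at
        #    all: the pattern catches one spelling, not the vulnerability.
        "evasion_without_window": scan_response(render_comment(EVASION, escape=False)).blocked,
    }


if __name__ == "__main__":
    for case, blocked in demo().items():
        print(f"{case}: {'BLOCKED' if blocked else 'passed'}")
```

Cases 2 and 3 are the point of the example: a response-side literal pattern both blocks correctly encoded output and misses trivially rewritten payloads, which is why the answer recommends stopping the injection on the request side and treating the Data Guard pattern as a stopgap.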