Amr_Esmat_24704
Aug 20, 2018Nimbostratus
ASM policy doesn't block metacharacters in paramters name and value
I have ASM policy in blocking mode for a VS rules are as below:
- parameters allowed wildcard *, Value or Name Meta characters are now allowed only space and : allowed in value not parameter name
- under Application Security : Blocking : Settings Illegal meta character in parameter name and Illegal meta character in value both are blocking
- url allowed wildcard /page1*
when I test url parameters to check if the policy works correctly:
- /page1?a=