Jun 06, 2012

ASM Injections


Hello All,



I had 2 queries on what is injected in the traffic/URIs by ASM, or any other manipulation done by it that alters the original state.



1) Is the ASM cookie injected in the header of the traffic passing through ASM, irrespective of not selecting any of these in the policy --> blocking screen:

ASM Cookie Hijacking
Expired timestamp
Modified ASM cookie
Modified domain cookie(s)





2) Besides CSRF token injection (for CSRF protection) and JavaScript injection (for Web Scraping), are there any other injections/manipulations happening in the traffic or URIs/URLs? If so, what are they?






  • The ASM will always inject the TS* cookie, even in transparent. This allows the ASM to track information about individual clients such as their IP address. When a TS* cookie becomes associated with another client from a different IP address, then it will suspect a cookie hijacking has taken place.


    I have only seen the ASM inject CSRF tokens (when CSRF was turned on) and Web Scraping JavaScript. I have never seen any other manipulations.
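
A sketch of the IP-binding check described in the answer above, as an added example that is not part of the original thread and is not F5's implementation: it records which client IP first presented each TS* cookie value and flags the same value arriving from a different IP. The request records, cookie names and values are constructed, and the function names are hypothetical.

```python
from http.cookies import SimpleCookie

# Constructed sample: (client_ip, raw Cookie request header). Cookie names and
# values are made up; only the "TS" name prefix comes from the thread above.
SAMPLE_REQUESTS = [
    ("198.51.100.10", "TS01example=aaa111; JSESSIONID=s1"),
    ("198.51.100.10", "TS01example=aaa111; JSESSIONID=s1"),
    ("203.0.113.77", "TS01example=aaa111; JSESSIONID=s1"),  # same TS value, new IP
    ("203.0.113.5", "TS01example=bbb222"),
    ("203.0.113.5", "lang=en"),                              # no TS cookie at all
]


def ts_cookies(cookie_header):
    """Return {name: value} for cookies whose name starts with 'TS'."""
    jar = SimpleCookie()
    jar.load(cookie_header)
    return {name: morsel.value for name, morsel in jar.items()
            if name.startswith("TS")}


def find_suspected_hijacks(requests):
    """Flag requests presenting a TS* cookie value first seen from another IP."""
    first_ip = {}  # (cookie name, cookie value) -> IP that first presented it
    alerts = []
    for index, (client_ip, header) in enumerate(requests):
        for name, value in ts_cookies(header).items():
            # setdefault stores the first IP and returns it on later requests.
            owner = first_ip.setdefault((name, value), client_ip)
            if owner != client_ip:
                alerts.append({"request": index, "cookie": name,
                               "first_ip": owner, "seen_from": client_ip})
    return alerts


if __name__ == "__main__":
    for alert in find_suspected_hijacks(SAMPLE_REQUESTS):
        print(alert)
```

Clients behind NAT pools or on mobile networks can change IP address legitimately, so a match here is a reason to look closer rather than proof of hijacking.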