Forum Discussion

ghost-rider_124's avatar
ghost-rider_124
Icon for Nimbostratus rankNimbostratus
Jun 24, 2014

ASM Learning Fine Tuning (illegal meta characters in value)

Hello Experts   My ASM policy is in transparent mode and configured as manually that is through wildcards for URL, Parameters and file types.   I am getting violations "illegal meta characters...
ASM Advanced WAF
deployment
security
  • Vitaliy_Savrans's avatar
    Vitaliy_Savrans
    Jun 24, 2014

    Hi,

     

    1. You must decide wich meta characters is allowed for the parameters.
    2. If you accept suggestion for wildcard parameters illegal meta characters would be accepted for all parameters but not for particular learned parameters.
    3. Allowed: Specifies that the character or meta character can occur in parameter values. Disallowed: Specifies that the character or meta character can not occur in parameter values.
    4. This settings came from /Security/Application Security/Parameters/Characters Sets
Vitaliy_Savrans's avatar
Vitaliy_Savrans
Icon for Nacreous rankNacreous
Jul 17, 2014

Hi,

 

"Allow in parameter value and XML/JSON content character sets" mean if you select this and accept, the system allows this meta character in the security policy’s parameter value character set, XML content character set, JSON content character set.

 

If you choose "Allow on entities" system allows this meta character only for parameter value that you select.