Forum Discussion
NimbostratusASM Signatures 200002147 and 200002149 triggering on CMS content
I was doing some testing with an article that one of the content contributors here wrote. If I copied + pasted the article into my dummy form as plain text, there were no issues with HTML form submission.
If I passed the same article as HTML either from Eclipse Studio or as-generated from the Javascript based HTML / WYSIWYG editor in our site, ASM would detect a possible signature... so it seems like it's more not happy about HTML being sent back and forth.
Is there something I can do to my content management system's form fields in order to keep them from triggering false positive blocking, or do I have to "learn" the signature for each form field parameter.
1 Reply
- boneyard
MVP
don't think many people know by hard which ones those are, it is SQL-INJ expressions like "or 1 is 1" (3) and SQL-INJ expressions like "and 1 is 1" (5) - replaced something there to prevent ASM from triggering here :) so i would assume there is some text going on in the html part with and / or 1 is 1.
personally i would disable these if they occur, there accuracy is low.
