Forum Discussion

Nimbostratus

Aug 27, 2012

Blocking embedded JAVA and HTML

Hey Guys, Im not sure I need to do this on a firewall level or I can do it on the F5. I have looked around and didnt find anything that matched up with what I wanted to do. Im trying to bl...

Cirrostratus

Aug 29, 2012

You could try to use an iRule validate the HTTP requests which trigger the XSS being sent to the client, but iRules aren't very well suited for doing validation of payload parameters. That's where ASM (Application Security Manager) would really help. ASM provides full validation of the HTTP/S request components and provides very good default attack signatures and meta-character enforcement to mitigate XSS vulnerabilities.

Aaron

Recent Discussions

Under Attack? F5 Will Help You.
Contacting F5 Support?

DevCentral Quicklinks

* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com

Discover DevCentral Connects

* Podcasts
* Social Channels
* Video Streaming

Forum Discussion

Blocking embedded JAVA and HTML

Recent Discussions

how to whitelist new source IP on F5 web UI access

F5 to read a combined CRL file

Upgrade F5 BIGIP

ISP Load Balancing, SNAT pool instead of Automap link self-ip, anyway to do health check ?

MAC address of deleted VS IP address still responsive

Related Content

iControl Library For Java With Source

Block IP after a number of ASM Blocks

Block traffic

Response and blocking page

domain blocking

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS