Forum Discussion

mikegray_198028

Cirrus

Dec 02, 2015

can we block Cross-site scripting (XSS) in LTM

Hello, is there any possibility to block Cross-site scripting (XSS) in LTM module using Irule?

Nimbostratus

Dec 02, 2015

One could probably hobble something together in an iRule (there might even be some iRules for that in the codeshare area). Here is an example someone suggested.

This is really what ASM is for, however. That is tested and maintained. Rolling your own might work in some or even a lot cases, but it'll sign you up for maintaining it, which I wouldn't suggest.

DevCentral Quicklinks

* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com

Discover DevCentral Connects

* Podcasts
* Social Channels
* Video Streaming

GitHub Awesome-F5

Forum Discussion

can we block Cross-site scripting (XSS) in LTM

AppWorld 2026: Save the Date and Join Our Community In Person!

Introducing the F5 AI Assistant for BIG-IP

Recent Discussions

Does F5 Rules for AWS WAF - Common Vulnerabilities & Exposures Mitigate Log4J vulnerabilities

Credentialed Scanning - F5OS - Rseries

WebSocket connection to 'wss://...' failed: Invalid frame header

f5 asm reporting aggregate

rSeries 4600 additional Core Enable

Related Content

Cross Site Scripting (XSS) Exploit Paths

Mitigating OWASP Web Application Risk: Cross-Site Scripting (XSS) using F5 BIG-IP

Lightboard Lessons: OWASP Top 10 - Cross Site Scripting

How To Protect Your Applications from Cross Site Request Forgery (CSRF) with F5 Distributed Cloud

MASS Cross-Site Defacement

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS