Forum Discussion
John_Alam
Dec 11, 2021Employee
You may want to consider scanning the entire HTTP request as one variable. [HTTP::request],
You may also want to normalize it using [URI::decode [HTTP::request]] , or [URI::decode [HTTP::payload]] , this way, attacks including "jndi%3Aldap" do not succeed.
HTH