Forum Discussion
Moinul_Rony
Jan 22, 2015Altostratus
F5 is not blocking Cross Site Script attack
Hi, This is a general question for F5 11.2.0 version software around where we go about enabling the Cross Site scripting. Is this being done via the CSRF Protection mechanism. Are we able to enable i...
Eric_St__John
Jan 22, 2015Employee
Cross site scripting protection is handled with the attack signatures. You can place the policy into blocking mode and then place the attack signatures into alert only mode, or place the entire policy into transparent.
You will have to make sure that whatever URI, filename, and parameters are learned and enforced if you are tightening the policy.
Recent Discussions
Related Content
DevCentral Quicklinks
* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com
Discover DevCentral Connects