Forum Discussion

draco_184361's avatar
draco_184361
Icon for Nimbostratus rankNimbostratus
Nov 20, 2017

illegal redirection

I have created a lab setup with dvwa application server. And have placed the server behind F5. Before placing the server behind F5, I had tried XSS stored and had tried a url redirection using

.Now if i go XSS store, it redirects. So the DB is already corrupted. Now if i place the server behind F5, can i avoid this behaviour using the redirection protection , without doing any change in DB . I just want to block the redirection, so that user doesn't see the redirected page.Can i do it with F5 ?

application delivery
ASM Advanced WAF
BIG-IP
security

1 Reply

Sort By
  • Stanislas_Piro2's avatar
    Stanislas_Piro2
    Icon for Cumulonimbus rankCumulonimbus
    Nov 20, 2017

    is not a redirection but a script requesting to browse to another URL.

    illegal redirection only detect redirection like :

    302 Found
Location: https://hack-server.com/hack-me.php