Forum Discussion
Mohanad
Cirrostratus
Cirrostratusirule for mitigate open url redirection
hello everyone,
im looking for irule for mitigate open url redirection , i tired to use feature "Redirection Protection" but it's not working
Note ASM policy is blocking but "Redirection Protection" not working
POST /Account/Login?ReturnUrl=https://google.com HTTP/1.1
- Kevin_Davies
Nacreous
Version BIG-IP?
Wildcard exists in allowed redirect domains?
Block option for the Illegal Redirection Attempt violation is set?
MohanadHello Kevin
Thank you,
Version 15.0.1 - wildcard is not exist - block option is enforced
This was working in version 13, 1 will test again and open case with F5 support maybe it's bug
