Forum Discussion

Altocumulus

Sep 12, 2018

SEC7111 HTTP Security Compromised Generated by a JavaScript.

Hey everyone! I just ran into an issue that I haven't seen before. Let me give you some background: We have a backend web application running only on port 80 and publish this through a stan...

MVP

Sep 12, 2018

We're running 12.1.2 HF1. Do you mean using a Rewrite Profile?

Since we are using HTTP on the back-end I did a packet capture to see the traffic from the back-end server and I actually found where the link will appear. It's inside a JSON object as a key value. We must be able to change this using an iRule of some sort. Perhaps I was too general with my Stream Profile and need to translate the address together with the URI it might work better. Here is the output from the packet capture:

Do you have an idea on how we can best rewrite this URL inside the JSON object?

Recent Discussions

Under Attack? F5 Will Help You.
Contacting F5 Support?

DevCentral Quicklinks

* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com

Discover DevCentral Connects

* Podcasts
* Social Channels
* Video Streaming

Forum Discussion

SEC7111 HTTP Security Compromised Generated by a JavaScript.

Recent Discussions

Background Tasks

APM with EntraID as idP / request signed

Should config via cli rather than gui?

APM Modern Customization - modify Header in user-common.js and form in user-logon.js

Which process is consuming higher CPU

Related Content

Inspecting a UCS file from a compromised BIG-IP

Javascript injecting systems effect on web application end users - a scenario review

Beware, your logs - how blocked log4shell, Spring4Shell etc requests can still lead to compromise

SSL Orchestrator Advanced Use Cases: Detecting Generative AI

Secure, Deliver and Optimize Your Modern Generative AI Apps with F5

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS