SalC
Apr 27, 2023Altostratus
WAF / ASM : Referer: android-app://com.google.android.gm - Evasion Technique detected
Been seeing this Evasion Technique on the referer Header popping up in learning suggestions. I'm hesitant to follow the learning suggestion to Set Evasion Techniques Violations to disabled on the referer. The detected evasion technique is Multiple slashes, This seems like something Android is doing that might be breaking the HTTP spec, or if not, should I pester F5 to not detect this? Like I said, I'm hesitant to disable the Multiple slashes evasion technique outright,
Thanks for any feedback or insight!