Forum Discussion
Yozzer (Nimbostratus), Mar 07, 2012
XSS checks in iRule
Hi
Can an iRule check for special chars in a switch statement?
    switch -glob [URI::decode [URI::query "?[HTTP::payload]" Param1]] {
        "*<" {
            set variable "xss"
        }
        "*>" {
            set variable "xss"
        }
        "*)" {
            set variable "xss"
        }
        "*%" {
            set variable "xss"
        }
    }
And can I check another parameter using a switch statement after the first one (I only need to check 2)?
    when HTTP_REQUEST_DATA {
        # Check Param1
        switch -glob [URI::decode [URI::query "?[HTTP::payload]" Param1]] {
            "<" {
                set variable "xss"
            }
            ">" {
                set variable "xss"
            }
            ")" {
                set variable "xss"
            }
            "%" {
                set variable "xss"
            }
        }
        # Check Param2
        switch -glob [URI::decode [URI::query "?[HTTP::payload]" Param2]] {
            "<" {
                set variable "xss"
            }
            ">" {
                set variable "xss"
            }
            ")" {
                set variable "xss"
            }
            "%" {
                set variable "xss"
            }
        }
    }
Thanks
- hooleylist (Cirrostratus): Hi Yozzer,
- Yozzer (Nimbostratus): So "*%*" for each would pick it up anywhere it appears?
- Yozzer (Nimbostratus): I have noticed that it won't trigger if I check for % or :
- Yozzer (Nimbostratus): Hi
- Yozzer (Nimbostratus): This seemed to solve the null byte issue and simplified my iRule checks:
- Yozzer (Nimbostratus): Hi
- hooleylist (Cirrostratus): Jason pointed out a nice trick for this. You can get a count of the number of instances of a character using split and llength:
- Yozzer (Nimbostratus): Thanks Aaron, this worked
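
The two techniques mentioned in the replies above, a `*%*` glob that matches the character anywhere in the value and a character count via split and llength, shown as an added example in plain Tcl; it is not code from any poster in this thread. The proc names and sample values are constructed, and it assumes that in an iRule the value would come from `[URI::decode [URI::query "?[HTTP::payload]" Param1]]` as in the original post.

```tcl
# Added example (plain Tcl, runs in tclsh); proc names and sample values are constructed.

# Count how often one character occurs, using the split/llength idiom:
# splitting on the character yields (occurrences + 1) list elements.
proc count_char {value ch} {
    # split returns an empty list for an empty string, which would give -1.
    if {$value eq ""} { return 0 }
    return [expr {[llength [split $value $ch]] - 1}]
}

# Return 1 if the value contains any of the characters from the thread
# (< > ) %) at any position. "*<*" matches anywhere in the string, "*<"
# only at the end, and a bare "<" only a value that is exactly "<".
proc has_special_char {value} {
    switch -glob -- $value {
        "*<*" -
        "*>*" -
        "*)*" -
        "*%*" { return 1 }
        default { return 0 }
    }
}

# Constructed sample values standing in for decoded POST parameters.
set params [list \
    Param1 "alice" \
    Param2 "<b>hi</b>" \
    Param3 "50%off%" \
    Param4 "" ]

# One loop covers every parameter, so a second switch block is not needed.
foreach {name value} $params {
    set flagged [has_special_char $value]
    set percents [count_char $value "%"]
    puts [format "%-7s flagged=%d percent_count=%d" $name $flagged $percents]
}
```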