Forum Discussion
Don_Couture_211
Nimbostratus
NimbostratusXSS protection with an Irule?
I have searched and browsed the forums and codeshare but have not found any examples of using an Irule to protect against cross site scripting.
Wouldn't an Irule that replaces html tags < /> etc. be a natural fit?
I am going to try and write one I was just wondering if I am way off base here.
Don
wyoder_99262Hi, Joe:
One of our clients has been dinged by its auditing department for XSS vulnerabilities. The audit recommends:
"Filter all data collected from the client including user-supplied content and browser content such as Referrer and User-Agent headers."
It's been 5 years since this original message was posted. Are there new CodeShare additions that address this requirement?
Thanks a bunch,
Bill
hoolioCirrostratus
Hi Bill,
I don't think it's practical to implement full XSS detection in an iRule. You could try, but I think you'd always be a few steps behind attackers. iRules don't current provide native methods for handling all of the encoding methods that an attacker could use. Not to give you a sales pitch, but F5 offers the ASM web app firewall. It does provide very complete XSS protection along with a lot of other positive and negative validations for SQL injection, bots, etc. And there are plenty of competitors you could check out as well.
Aaron- wyoder_99262Hi, Aaron:
What you're saying makes good sense. It's time for me to check out the ASM module.
Bill
