Http requests with the question mark symbol "?" in the URL are not being blocked although disallowed in the URL character list

Wasfi_Bounni · ‎03-Mar-2021

Hi;

Http requests with the question mark symbol "?" in the URL are not being blocked although "?" isdisallowed in the URL character list.

for example http://www.xyx.com/?/file.extension

Kindly

Wasfi

Simon_Blakely · ‎03-Mar-2021

You would either do that in an irule (on HTTP_REQUEST)

Or look at the

Security ›› Application Security : Parameters : Parameters List ›› Parameter Properties

for the * (wildcard) parameter

In the Name Meta Characters tab, select

Check characters on this parameter name

/ is already disallowed in the metacharacters

View solution in original post

Simon_Blakely · ‎03-Mar-2021

That question-mark isn't part of the URL - it is the Query Separator.

The URL is /

The Query String is /file.extension

Query string

Wasfi_Bounni · ‎03-Mar-2021

Thank you Simon. My aim is to block a URL that have the quetion mark in the manner asked. i.e. followed by any / character. However, if the question mark comes after the final / in the URL path, then I want it to be allowed: For example: http://www.xyz.com/abc/klm/file.php?

As I said, the question mark symbol is disallowed in the ASM policy under the URL character set section.