i have ASM running on 12.X and blocking URL with violation rate 1 as cross site scripting signature with 200000134 (link tag) parameter. This is randomly generated url for cloud service and i do not see any option to just disable this signature. if i accept this request then this will get learned however the new access will be with new url.
i am wondering what is the best way to allow this dynamic url which will not get this signature checked in 12.x . as i know on 13 , which can simply add url with signature id bypassed for this.
You can disable this signature globally on "Security ›› Application Security : Attack Signatures" page or create appropriate wildcard/explicit parameter on URL or globally and disable attack signature on it.
