Help
Technical Forum
Ask questions. Discover Answers.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Technical Forum Quicklinks: No Replies | Active-Not Solved | Recent Solutions
Custom Alert Banner

F5 AppWorld 2024 session proposal deadline extended to Friday, December 8th!

WAF / ASM : Referer: android-app://com.google.android.gm - Evasion Technique detected

SalC
Altostratus
Altostratus

‎27-Apr-2023 07:55

Been seeing this Evasion Technique on the referer Header popping up in learning suggestions.  I'm hesitant to follow the learning suggestion to Set Evasion Techniques Violations to disabled on the referer.  The detected evasion technique is Multiple slashes,  This seems like something Android is doing that might be breaking the HTTP spec, or if not, should I pester F5 to not detect this?  Like I said, I'm hesitant to disable the Multiple slashes evasion technique outright,

Thanks for any feedback or insight!

Labels:
0 Kudos
2 REPLIES 2

Leslie_Hubertus
Community Manager
Community Manager

‎01-May-2023 16:31

Hi @SalC - I'm featuring your post in today's Community Highlights to boost the chances someone in the community will come by with an answer for you. 

boneyard
MVP
MVP

‎09-Jul-2023 06:16

Seems to happen for more people and was sort of an attack at some time, but then mainly for trailing slashes, is that also in your case?

I think what mainly matters is if that breaks funtionality on your website? Do you see traffic which feels legimate that triggers this alert? Because if not I would certainly not disable the alert. If it seems to be needed I would look into only disabling it in the cases needed.

0 Kudos
Copyright © 2023 Khoros, LLC