Turn off File type check for a specific URL
Hi, we have some dynamic urls that from time to time will include a fullstop. Is is possible to disable only the illegal file type check for uris that start with "/foo/foo1/"? I would not want to disable ASM entirely, just the illegal file type check. Or if there is another way to deal with this scenario to prevent client selections with fullstop in it from being interpreted as an illegal file type, it would be great to hear how others are working with this type of scenario. Thank you.Solved1.3KViews0likes6CommentsDynamic URLs setting off illegal file type events. eg. https://site.com/email/jim@jim.com
Hi Guys, One of our applications dynamically passes text from an text box to the URL as the user types resulting in lots of illegal file type events. The text box allows users to enter an email address and as the user types, the app posts the data that is provided to check if the email is valid and if the email is already in use. I have tried to create a wildcard allows url eg. /api/email/* expecting that this path would then be excluded from the ASM policy rules however even with this exclusion in place the ilelgal file types rule is still triggered for every character typed. For the moment I have set a wildcard file type which will allow any file type to be requested which is not ideal however it provides usability. Any advice on rectifying this would be great. Thank you.237Views0likes1Comment