WebCombo - Request Blocked by WAF (Imperva Secure Sphere Firewall)

2 replies. Last post: November 20, 2020 11:02 AM by Giridhar JG
Tags :
  • (None)
  • New Discussion
  • New Question
  • New Product Feedback
Giridhar JGMember

Hello, 

We are facing the below-mentioned issues of requests being blocked by WAF (Imperva Secure Sphere Firewall

1. part="select"

Matched Text : %3CWebCombo%20SharedScriptDirectory%3D%22/eFACiLiTYProd/CommonLibrary/S hared/%22%20DataValueField%3D%22C_SP_ID%22%20DataTextField%3D%22C_SP_ NAME%22%20AdditionalSearchFields%3D%22C_SP_ID%22%20AllowWildCardSearch %3D%22True%22%20HasDataSource%3D%22True%22%20UseCssFramework%3D% 22False%22%20ServerUniqueID%3D%22ddl_spaceuser%22%20UseWebResourcesFo rScript%3D%22True%22%20UseWebResourcesForClient%3D%22True%22%20Rende ringMode%3D%22HTML5%22%3E%3CText%3E%3C%21%5BCDATA%5BAll%5D%5D %3E%3C/Text%3E%3CValue%3E%3C%21%5BCDATA%5BAll%5D%5D%3E%3C/Value %3E%3CLayoutSettings%20AlwaysShowHelpButton%3D%22False%22%20ComboMo de%3D%22MultipleColumns%22%20ColumnWidthDefault%3D%22200px%22%20Scr iptDirectory%3D%22/eFACiLiTYProd/CommonLibrary/WebCombo/%22%20AllowText Wrapping%3D%22True%22%20ResultBoxWindowType%3D%22Normal%22%20Enab leAnimation%3D%22True%22%20XhtmlSearchImage%3D%22../../CommonLibrary/Im ages/ISRes.png%22%20ColumnSeparatorColor%3D%22154%2C%20198%2C%20255 %22%3E%3CClientSideEvents%20OnInitialize%3D%22Combo_OnInitialize%22%20O nShowDropDown%3D%22Combo_OnShowDropDown%22/%3E%3CTextSettings/%3E %3C/LayoutSettings%3E%3CLinkSettings/%3E%3CMultipleSelectionSettings/%3E%3 CIntegrationSettings/%3E%3CFlyPostBackSettings/%3E%3CColumns%3E%3CWebCo mboColumn%20HeaderText%3D%22Staff%20Name%22%20BaseFieldName%3D%2 2C_SP_NAME%22%20Width%3D%22100%25%22%20Name%3D%22C_SP_NAME%22 /%3E%3CWebComboColumn%20Position%3D%221%22%20BaseFieldName%3D%22 SNO%22%20Width%3D%22200px%22%20Hidden%3D%22True%22%20DataType%3 D%22System.Int32%22%20Name%3D%22SNO%22/%3E%3CWebComboColumn%20 HeaderText%3D%22Staff%20ID%22%20Position%3D%222%22%20BaseFieldName% 3D%22C_SP_ID%22%20Width%3D%22200px%22%20Name%3D%22C_SP_ID%22/%3 E%3C/Columns%3E%3C/WebCombo%3E 

2. Signature Violation ../../ Found In :     post-parameters Recommended Signatures Policy for Web Applications Signature :     part="../", rgxp="\.{2,}[\/\\]+(\.[\/\\]+)?\.{2,}[\\\ /]" Matched Text :     ../../ Found In :     post-parameters Offset :     1022 Dictionary Name

3. Illegal Byte Code Character in Parameter Value - Attached Screen Shot

Kindly help us to resolve the issue

Thanks in Advance


1 attachment
All times are GMT -5. The time now is 5:52 PM.
Previous Next