Forum Discussion
Joachim_Roessne
Oct 29, 2015Nimbostratus
This one is driving me crazy. I can't figure out how to tell ASM to not inspect Request that belong to /sites/pentest/*
It is still complaining with Requests like
/sites/pentest/lists/discussion0x20board/style0x20type=textcssbodybackgroundurl(javascriptalert('xss'))style
Of course it detects Attack signtature on that URL. But how to allow that for a certain URL ?
Any suggestions? Maybe the only way is to disable ASM by iRule when a request for /sites/pentest arrives. But thats not a good solution.
- Joachim