
Clarification of CSSChecking, BadCSSChars, BadUrlChars ACO parameters


Article ID: 200072


Products

  • CA Single Sign On Secure Proxy Server (SiteMinder)
  • CA Single Sign On Agents (SiteMinder)
  • CA Single Sign On Federation (SiteMinder)
  • CA Single Sign On SOA Security Manager (SiteMinder)
  • SITEMINDER

Issue/Introduction

 

Questions about some ACO parameters.

CSSChecking

  • Which HTTP methods are covered?
  • Which parts of the HTTP request are covered?
  • Which parts of the HTTP response are covered?

BadCSSChars 

  • Which HTTP methods are covered?
  • Which parts of the HTTP request are covered?
  • Which parts of the HTTP response are covered?

BadUrlChars

  • Which HTTP methods are covered?
  • Which parts of the HTTP request are covered?
  • Does the method apply to the HTTP response?

BadQueryChars

  • Which HTTP methods are covered?
  • Which parts of the HTTP request are covered?
  • Does the method apply to the HTTP response?

BadFormChars

  • Which HTTP methods are covered?
  • Which parts of the HTTP response are covered?
  • Does the method apply to HTTP requests?
  • Does this mechanism apply to all forms rendered from the Web Agent protected Web Application or is it somehow a subset? Either way please detail and explain.

Resolution

 

CSSChecking

  1. If set to yes, the Web Agent checks for BadCSSChars;
  2. Applies to all HTTP methods;
  3. Does not apply to the response;

BadCSSChars

  1. All HTTP methods are covered;
  2. Complete URL (URI + query);
  3. Does not apply to the response;

BadUrlChars

  1. All HTTP methods are covered;
  2. Only URL;
  3. Does not apply to the response;

BadQueryChars

  1. All HTTP methods are covered;
  2. Only query;
  3. Does not apply to the response;

BadFormChars

  1. Covers the GET and POST HTTP methods; applies to the response only while redirecting users to the forms login page;
  2. Covers form fields other than target;
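
The scoping described above for BadCSSChars, BadUrlChars and BadQueryChars, as an added example that is not Broadcom's or the Web Agent's code: it models only which part of the request each parameter is applied to. The character lists are constructed sample values, literal substring matching on the raw request target is an assumption, and "Only URL" is assumed to mean the path before the `?`.

```python
from urllib.parse import urlsplit

# Constructed sample values for illustration; real ACO values are
# whatever the administrator has configured.
SAMPLE_ACO = {
    "CSSChecking": "yes",
    "BadCSSChars": ["<", ">", "'"],
    "BadUrlChars": ["//", "./", "*"],
    "BadQueryChars": ["%00"],
}


def scoped_parts(url):
    """Map each parameter to the part of the request URL it covers."""
    parts = urlsplit(url)
    uri, query = parts.path, parts.query
    full = uri + ("?" + query if query else "")
    return {
        "BadCSSChars": full,     # complete URL (URI + query)
        "BadUrlChars": uri,      # assumed: path only
        "BadQueryChars": query,  # query only
    }


def matching_parameters(method, url, aco=SAMPLE_ACO):
    """Return {parameter: [matched sequences]} for one request.

    `method` is not used for filtering: the article states that these
    parameters cover all HTTP methods.
    """
    hits = {}
    for name, text in scoped_parts(url).items():
        # BadCSSChars is only consulted when CSSChecking is set to yes.
        if name == "BadCSSChars" and aco.get("CSSChecking", "").lower() != "yes":
            continue
        found = [seq for seq in aco.get(name, []) if seq in text]
        if found:
            hits[name] = found
    return hits


if __name__ == "__main__":
    # Constructed sample requests.
    for method, url in [("GET", "/app/search?q=<b>"), ("POST", "/app//admin?id=1"),
                        ("PUT", "/app/x?f=a%00"), ("GET", "/app/x?q=*")]:
        print(method, url, "->", matching_parameters(method, url))
```

In this model a `*` that appears only in the query string is not matched by BadUrlChars, which is the practical consequence of the per-parameter scopes listed in the Resolution.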