URL encoded chars %3C and %3E are blocked with BadCSSChars in WebAgent
search cancel

URL encoded chars %3C and %3E are blocked with BadCSSChars in WebAgent

book

Article ID: 52422

calendar_today

Updated On:

Products

CA Single Sign On Secure Proxy Server (SiteMinder) CA Single Sign On SOA Security Manager (SiteMinder) CA Single Sign-On SITEMINDER

Issue/Introduction

 

If BadCSSChars is defined as such:

BadCSSChars = <,>

Is this normal that URL-encoded chars (%3C and %3E) are blocked by SiteMinder WebAgent?

 

Environment

 

Web Agent Version: 12.52.x

 

Resolution

 

Yes, this is normal.

Encoded characters are also blocked, even if the encoded value is not specifically defined in the BadCSSChars list. So when defining > in BadCSSChars, the character > and the corresponding encoded character %3E will be blocked by SiteMinder WebAgent.

 

Powered by Wolken Software