[c-nsp] ACE Regex filtering for url match trouble with %
Lincoln Dale
ltd at cisco.com
Mon Aug 25 03:53:15 EDT 2008
ben.steele at internode.on.net wrote:
> FWIW I did manage to get this to match by telling it to match an
> ASCII space instead ie .*select\x20.* however this is more of a hack
> for my original request so I will still chase up with TAC.
>
i haven't looked at the ACE source code / firmware, but it may well be
that it does a first-pass of converting "%(something)" to a non-encoded
value first (in this case, a " "), because otherwise it would be trivial
for a hacker to bypass said filter(s).
you could see if regex ".*select\s.*" works too.
cheers,
lincoln.
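Added example, not from the thread and not ACE code: a Python sketch of the decode-then-match order speculated on above. It shows why a pattern applied to the raw URL misses `%20` while the same pattern applied after percent-decoding matches, and why `\s` covers more than `\x20`. The sample URLs, the helper names and the three-pass decode bound are constructed assumptions; nothing here describes how ACE actually behaves.

```python
import re
from urllib.parse import unquote

# Patterns from the thread. DOTALL is an added assumption so that a decoded
# newline (%0a) elsewhere in the URL cannot stop ".*" from reaching "select".
WHITESPACE = re.compile(r".*select\s.*", re.DOTALL)
SPACE_ONLY = re.compile(r".*select\x20.*", re.DOTALL)

MAX_PASSES = 3  # assumption: bound on repeated decoding (%2520 -> %20 -> " ")


def normalize(url: str) -> str:
    """Percent-decode until the string stops changing or the bound is hit."""
    for _ in range(MAX_PASSES):
        decoded = unquote(url)
        if decoded == url:
            break
        url = decoded
    return url


def match_raw(url: str) -> bool:
    """Apply the pattern to the URL exactly as received (still encoded)."""
    return WHITESPACE.match(url) is not None


def match_normalized(url: str) -> bool:
    """Decode first, then apply the pattern, as the reply guesses ACE does."""
    return WHITESPACE.match(normalize(url)) is not None


# Constructed sample URLs, not taken from the thread.
SAMPLES = [
    "/item.php?id=1%20select%20name",   # encoded space
    "/item.php?id=select%09name",       # encoded tab: \s matches, \x20 does not
    "/item.php?id=1%2520select%2520x",  # double-encoded space
    "/catalog/selection.html",          # benign: "select" followed by a letter
]

if __name__ == "__main__":
    for url in SAMPLES:
        space_only = SPACE_ONLY.match(normalize(url)) is not None
        print(f"{url:34} raw={match_raw(url)!s:5} "
              f"decoded+\\s={match_normalized(url)!s:5} decoded+\\x20={space_only}")
```
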