Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

wig
New Member

CSS 11503 - REGEX possibility

Hi,

Is there a way to use REGEX within the CSS?

If not, can we do it with the enhanced feature set?

GOAL:

In order to protect ourself from XSS scripting, we would like to be able to use REGEX within a header-field to catch several pattern within a query string and send those to a donjon server or a 404 page via a content rule.

Regards,

Wig

3 REPLIES
Cisco Employee

Re: CSS 11503 - REGEX possibility

All you can do is this :

CSS11503-2(config-header-field-group[gd])# header-field test ?

msisdn HTTP extension MSISDN request header

referer HTTP Referer request header

accept HTTP Accept request header

encoding HTTP Accept-Encoding request header

charset HTTP Accept-Charset request header

connection HTTP Connection general header

cookies HTTP Cookie header

cache-control HTTP Cache-Control general header

pragma HTTP Pragma general header

host HTTP Host request header

language HTTP Accept-Language request header

user-agent HTTP User-Agent request header

request-line HTTP Request-Line

custom HTTP custom header field tag

CSS11503-2(config-header-field-group[gd])# header-field test user-agent

contain Header-Field exists and contains the header-string

equal Header-Field exists and is equal to the header-string

exist Header-Field exists in the request

not-contain Header-Field exists but does not contain the

header-string

not-equal Header-Field exists but does not equal the header-string

not-exist Header-Field does not exist in the request

CSS11503-2(config-header-field-group[gd])# header-field test user-agent ?

contain Header-Field exists and contains the header-string

equal Header-Field exists and is equal to the header-string

exist Header-Field exists in the request

not-contain Header-Field exists but does not contain the

header-string

not-equal Header-Field exists but does not equal the header-string

not-exist Header-Field does not exist in the request

CSS11503-2(config-header-field-group[gd])# header-field test user-agent

The CSM and ace both offer the possibility to use regex.

Gilles.

wig
New Member

Re: CSS 11503 - REGEX possibility

Thanks for the info,

Other than a Catalyst 6000series chassis module, is there other Cisco product that support Regex?

Do the AVS (Application Velocity System) support this?

Cisco Employee

Re: CSS 11503 - REGEX possibility

the ACE module will soon come out in an appliance version.

Gilles.

375
Views
0
Helpful
3
Replies