IBM Support

HTML_Script_Extension_Evasion signature triggers on .json files

Technote (troubleshooting)


The HTML_Script_Extension_Evasion signature will trigger and cause an interruption of service with web applications


There is a false positive in the HTML_Script_Extension_Evasion signature where it will trigger if a .json file is observed between script tags.

Resolving the problem

To resolve any outages caused by the signature, either turn off the block response in the Security Events policy or add a Response Filter to allow the traffic.

Cross reference information
Segment Product Component Platform Version Edition
Security Proventia Virtualized Network Security Platform Not Applicable Firmware 3.1, 3.3, 4.1, 4.3, 4.4, 4.5, 4.6

Document information

More support for: IBM Security Network Intrusion Prevention System
Protocol Analysis Module (PAM)

Software version: 4.6.1, 4.6.2

Operating system(s): Firmware

Reference #: 1639035

Modified date: 23 April 2015

Translate this page: