HTML_Script_Extension_Evasion signature triggers on .json files

Technote (troubleshooting)


Problem(Abstract)

The HTML_Script_Extension_Evasion signature will trigger and cause an interruption of service with web applications

Cause

There is a false positive in the HTML_Script_Extension_Evasion signature where it will trigger if a .json file is observed between script tags.

Resolving the problem

To resolve any outages caused by the signature, either turn off the block response in the Security Events policy or add a Response Filter to allow the traffic.


IBM Network IPS Documentation IBM Infrastructure Security Forums IBM Security Support Channel on YouTube IBM Fix Central Fixes and Updates IBM Security License Key and Download Center Subscribe to My Notifications for Important Product Alerts IBM Security Contact Support


Cross reference information
Segment Product Component Platform Version Edition
Security Proventia Virtualized Network Security Platform Not Applicable Firmware 3.1, 3.3, 4.1, 4.3, 4.4, 4.5, 4.6

Document information


More support for:

IBM Security Network Intrusion Prevention System
Protocol Analysis Module (PAM)

Software version:

1.8, 2.5, 3.3, 4.1, 4.3, 4.4, 4.5, 4.6, 4.6.1, 4.6.2

Operating system(s):

Firmware

Reference #:

1639035

Modified date:

2015-07-14

Translate my page

Content navigation