regular expression would be for not blocking image files

[Laszlo Fischer]

Hi,

 

Does anyone know what the regular expression would be for not blocking image files like .png, .bmp in WAF, tried this one but it does not work:

/^https?:\/\/(.+\/)+.+(\.(gif|ico|woff|css|png|jpg|jpeg|webp|svg|psd|bmp|tif))$/i

[Rhonda Rowland1709152125]

The /<expr>/i   (may not be accepted by the appfw; I haven't tested but is the likely problem).

However, it is not needed anyway as URL comparisons are case-insensitive by default. (Only field formats will be case-sensitive in the WAF engine).  So, while REGEX is usually case sensitive, within the AppFw feature it depends.  Start and Deny URLs and relaxations are usually not case sensitive until you get to field format patterns.  (But always confirm during your testing.)

 

So correction:  this likely works:  ^https?:\/\/(.+\/)+.+(\.(gif|ico|woff|css|png|jpg|jpeg|webp|svg|psd|bmp|tif))$

but the /<expr>/i DOES NOT.

 

Alternate form also works. format based on the existing Start URL that is in place is a basic profile which uses the following format:

^[^?]+[.](jpg|gif|jpeg|gif|ico|woff|css|png|jpg|jpeg|webp|svg|psd|bmp|tif)$

 

Now, its possible if you are still having issues, check syslog for other denials or missing required Start URLS.

Also, be cautious of using broad urls if using URL closure.

 

 

 

[Laszlo Fischer]

ok thanks that works!