Jump to content
Welcome to our new Citrix community!
  • 0

Citrix WAF Field Format relaxation issue

amr fawzy1709157741


3 answers to this question

Recommended Posts

  • 0

First off, for field format do you have a default field format specified or did you leave it with no default field format? 

If a "default field format" is specified, then every field must match that format or be explicitly configured in relaxations. (Usually, a default field format is not specified for this reason).

If no default field format set, then only fields explicitly listed in the field format relaxation are protected and then you need to adjust the regex specified. (or not configure the field at all.)


Usually, field format isn't needed unless you have a specific field to enforce with a specific pattern when 1) the app has a specific vulnerabilty and 2) other protections aren't closing the gap.

  • Like 1
Link to comment
  • 0

This is an URL with a query string. I guess, the query string is different every time you see it. It takes a RegEx to define valid parameters, learning won't help very much..


I could create a RegEx for you, however, the screen-shot is a mess, so I can't. I guess, you could cut&paste the log entry here. This would make it easier for me.

Anyway, something like ^https?://support\.its\.ws/arsys/BackChannel?param= would work, but is extremely insecure, as any additional parameters in any size would be permitted.




Johannes Norz


https://norz.at https://wonderkitchen.network

Link to comment

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
  • Create New...