
Form

About

General View of Form

When a new path is added on the Form tab, no Form control has been defined for it yet, so the path inherits Form control from All Paths and is shown as Rule Source > All Paths. If it had inherited from a Glob Path, it would have been shown as Rule Source > Relevant Glob Path (/admin/login.*). Clicking the Add Common Rule for Form button enables Form control for the relevant path itself. From then on, a request with Form content made to this path is subject to WAF rules based on the added rules.

Example Form Variable Name and Variable Value

There are primarily two types of Form content used in Form requests.

application/x-www-form-urlencoded is used by default. All characters are encoded before sending: spaces are converted to the "+" sign, and special characters are converted to ASCII hex values. Requests arrive as key=value pairs (a=1) in the payload.

If a file upload is to be performed via a Form, "multipart/form-data" is used.

Interface

Add Common Rule for Form Screen


Add Common Rule for Form Form

- Virtual Host Group


Displays the information about which Virtual Host Group the relevant path belongs to.

- Path


Displays the information about the modified path.

- Area


Displays information about the modified control field.

- Argument Name


Shows that the changes will apply to all Form variables and their values.

- Form Key Length


Filters the length of each variable in the Form content by character count.

- Form Key Count


Filters by the total number of variables that can appear in the Form content.

- Block All Form Content


No Form content can be sent to the relevant path; it will be blocked.

- Block Invalid Form Content


"Unparseable" Form content cannot be sent to the relevant path; it will be blocked.

- Form Allowed Arguments


Allowed Form variables are used to determine the variables that can be sent to the relevant path. No request can be made to the relevant path with any variable other than the entered allowed variables; it will be blocked.

- Form Must Arguments


Form Must Arguments define the variables that must be present in a request made to the relevant path. If there is not a single mandatory Form variable in the request to the relevant path, the request will be blocked.

- Allowed Upload Mime Types


Allowed Upload Mime Types are used in multipart/form-data requests. To restrict the mime types of files uploaded in the Form, switch on the restriction mode and enter the names of the mime types to be allowed. The WAF checks whether the defined names are contained in the real mime type calculated for the uploaded file.

For example, when the restriction mode is switched on and "image" is written, all mime types containing "image" are allowed. Requests with mime types other than "image" will be blocked.

- OWASP Check in Upload


OWASP Check in Upload is used in multipart/form-data requests. It is used to specify whether the uploaded file and its contents in the Form should be subject to OWASP controls.

- Value Length


Filters the value length of each variable in the Form content by character count.

- OWASP Check


Specifies whether each variable and value in the Form content will be subject to OWASP controls.

- OWASP Exclusions


If subject to OWASP controls, OWASP Rules can be added as exceptions based on the structure of the incoming request.

- Detailed Log


Determines whether the variable or value where an attack is detected in the WAF log will be written to the description section.

- Value Regex Pattern


Used in cases where it is desired to restrict the value of each variable in the Form with RegEx.

- Max. Repeat


Specifies how many times the same Form variable name can be repeated at most.

- Add


Clicking the Add button adds the Form general setting.

- Interface Representation in TR7 ASP After Adding the Check Field


After the Form check field has been added, clicking the relevant path in TR7 ASP shows the new rule in the interface.
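The Allowed Upload Mime Types check described above, as an added example that is not TR7 ASP code: each file part of a multipart/form-data body is typed from its content and the allowed names are matched as substrings of that real type. The signature table, function names and sample body are assumptions constructed for the illustration.

```python
from email.parser import BytesParser
from email.policy import HTTP

# Constructed magic-byte table (an assumption; the page does not say how the
# real mime type is calculated).
SIGNATURES = [
    (b"\xff\xd8\xff", "image/jpeg"),
    (b"GIF8", "image/gif"),
    (b"%PDF-", "application/pdf"),
    (b"PK\x03\x04", "application/zip"),
    (b"\x7fELF", "application/x-executable"),
]

def real_mime(data):
    """Type derived from the file content, ignoring what the client declared."""
    for magic, mime in SIGNATURES:
        if data.startswith(magic):
            return mime
    return "application/octet-stream"

def check_uploads(content_type, body, allowed):
    """Return (filename, declared, real, verdict) for every file part."""
    raw = b"Content-Type: " + content_type.encode() + b"\r\n\r\n" + body
    msg = BytesParser(policy=HTTP).parsebytes(raw)
    results = []
    for part in msg.iter_parts():
        if part.get_filename() is None:
            continue                      # ordinary field, not an upload
        real = real_mime(part.get_payload(decode=True))
        # Substring match, as in the page's "image" example.
        verdict = "allow" if any(name in real for name in allowed) else "block"
        results.append((part.get_filename(), part.get_content_type(), real, verdict))
    return results

# Constructed multipart/form-data body: one text field and two uploads that
# both declare an image type.
SAMPLE_TYPE = "multipart/form-data; boundary=XB"
SAMPLE_BODY = (
    b'--XB\r\nContent-Disposition: form-data; name="title"\r\n\r\nholiday\r\n'
    b'--XB\r\nContent-Disposition: form-data; name="f1"; filename="a.jpg"\r\n'
    b"Content-Type: image/jpeg\r\n\r\n\xff\xd8\xff\xe0JFIF\r\n"
    b'--XB\r\nContent-Disposition: form-data; name="f2"; filename="b.png"\r\n'
    b"Content-Type: image/png\r\n\r\n\x7fELF\x02\x01\x01\r\n"
    b"--XB--\r\n"
)

if __name__ == "__main__":
    for row in check_uploads(SAMPLE_TYPE, SAMPLE_BODY, ["image"]):
        print(row)
```

Because the match is a substring match, an entry such as "image" admits every type whose name contains it; a full name such as "image/jpeg" is the narrower setting.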

Interface

Add Argument Rule for Form Screen

Clicking the Add Argument Rule for Form button allows new definitions to be added specifically for a single Form variable, separate from the definitions made in the general settings.

Add Argument Rule for Form Form

- Virtual Host Group


Displays the information about which Virtual Host Group the relevant path belongs to.

- Path


Displays the information about the modified path.

- Area


Displays information about the modified control field.

- Argument Name


The name of the relevant Form variable is entered because the changes will be specifically defined for a single Form variable.

- Value Length


Filters the value length of the specified Form variable by character count.

- OWASP Check


Specifies whether the specified Form variable and its value will be subject to OWASP Check.

- OWASP Exclusions


If subject to OWASP controls, OWASP Rules can be added as exceptions based on the structure of the incoming request.

- Detailed Log


Determines whether the variable or value where an attack is detected in the WAF log will be written to the description section.

- Value Regex Pattern


Used in cases where it is desired to restrict the value of the specified Form variable with RegEx.

- Max. Repeat


Specifies how many times the same Form variable name can be repeated at most.

- Add


Clicking the Add button adds the Form variable setting.

- Interface Representation of Form Variable Setting in TR7 ASP


After the Form variable setting has been added, clicking the relevant path in TR7 ASP shows the new setting in the interface.
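How the Common Rule and Argument Rule fields above combine on a url-encoded body, as an added example that is not TR7 ASP code. The rule values, the `check_form` name, the precedence of the argument rule over the common rule, and the points marked "assumed" in the comments are assumptions made for the illustration.

```python
import re
from urllib.parse import parse_qsl

# Hypothetical rule values; the keys mirror the fields on this page, not TR7 ASP's format.
COMMON = {"key_length": 16, "key_count": 4, "value_length": 64, "max_repeat": 1,
          "allowed": {"user", "pass", "csrf", "note"}, "must": {"user", "pass"},
          "value_regex": None}
# Argument rule for one variable; assumed to take precedence over the common rule.
ARGUMENT = {"user": {"value_length": 20, "value_regex": r"[a-z0-9_.]+"}}

def check_form(body, common=COMMON, argument=ARGUMENT):
    """Return the list of violated checks; an empty list means the request passes."""
    try:
        # Decodes "+" to space and %XX to the character; rejects fields without "=".
        pairs = parse_qsl(body, keep_blank_values=True, strict_parsing=True)
    except ValueError:
        return ["Block Invalid Form Content"]
    hits, seen = [], {}
    if len(pairs) > common["key_count"]:          # assumed: counts every key=value pair
        hits.append("Form Key Count")
    for key, value in pairs:
        seen[key] = seen.get(key, 0) + 1
        rule = {**common, **argument.get(key, {})}
        if len(key) > common["key_length"]:
            hits.append(f"Form Key Length: {key}")
        if key not in common["allowed"]:
            hits.append(f"Form Allowed Arguments: {key}")
        if len(value) > rule["value_length"]:     # assumed: measured after decoding
            hits.append(f"Value Length: {key}")
        pattern = rule["value_regex"]
        if pattern and not re.fullmatch(pattern, value):  # assumed: whole value must match
            hits.append(f"Value Regex Pattern: {key}")
        if seen[key] == rule["max_repeat"] + 1:   # report each repeated name once
            hits.append(f"Max. Repeat: {key}")
    for key in sorted(common["must"] - set(seen)):  # assumed: every listed name is required
        hits.append(f"Form Must Arguments: {key}")
    return hits

# Constructed request bodies.
SAMPLES = [
    "user=alice&pass=s3cret&note=hello+world%21",
    "user=Alice+Smith&pass=x&role=admin",
    "user=bob&user=eve&note=hi",
    "user=alice&garbage",
]

if __name__ == "__main__":
    for body in SAMPLES:
        print(body, "->", check_form(body) or "pass")
```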