Normalization

Prophaze WAF supports following normalisation techniques

  • URL-decoding

  • Null byte string termination

  • Self-referencing paths

  • Path back-references

  • Excessive use of white space

  • Comment removal

  • Conversion of (Windows-supported) backslash characters into forward slash characters.

  • Conversion of IIS-specific Unicode encoding (%uXXYY)

  • Decode HTML entities

  • Escaped characters

PreviousPHP Application ProtectionNextNegative Security Model

Last updated