File: restrict-method-policy.xml

package info (click to toggle)
libowasp-esapi-java 2.1.0-3
  • links: PTS, VCS
  • area: main
  • in suites: buster, stretch
  • size: 7,480 kB
  • ctags: 4,161
  • sloc: java: 26,333; xml: 1,309; sh: 293; makefile: 4
file content (25 lines) | stat: -rw-r--r-- 568 bytes parent folder | download | duplicates (6) 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
 
<?xml version="1.0" encoding="UTF-8"?>

	<!--
	This test file exemplifies a restrict-extension rule.

	Protection #1: any URI ending with .log will be rejected
	Protection #2: any URI ending with .jsp will be allowed
	-->

<policy>

	<settings>
		<mode>redirect</mode>
		<error-handling>
			<default-redirect-page>/security/error.jsp</default-redirect-page>
			<block-status>403</block-status>
		</error-handling>
	</settings>

	<url-rules>
		<restrict-extension deny="\.log$" />
		<restrict-extension allow="\.jsp$" />
	</url-rules>

</policy>