(default) Header Value Sanity
Deny Rule Group – (default) Header Value Sanity

SANITY_HEADER_VALUE

  • Prevents the injection of special encoded characters in header values.

Included Deny Rules

Rule name
Basic
Standard
Strict
(default SAN_010b) Full-/half-width unicode in HTTP header value
Icon - ON
Icon - ON
Icon - ON
(default SAN_030b) Enforce printable ASCII characters in HTTP header value
Icon - ON
Icon - ON
Icon - ON
(default SAN_040b) Sanity check of Content-Type header value
Icon - ON
Icon - ON
Icon - ON
(default SAN_045b) Sanity check of multipart content-type header value
Icon - ON
Icon - ON
Icon - ON
(default SAN_050b) Unsafe character in HTTP header value
Icon - ON
Icon - ON
(default SAN_060b) Header value longer than 300 characters
Icon - ON
Icon - ON
(default SAN_070b) Sanity check of Accept-Encoding header value
 
Icon - ON
Icon - ON