Fortinet black logo

CLI Reference

waf xml-exempted-urls

waf xml-exempted-urls

When you configure schema location to forbid using location field to perform malicious requests, you can use this command to exempt specific URLs from XML protection.

Syntax

config waf xml-exempted-urls

edit "<xml-exempted-urls_name>"

config exempted-url-list

edit exempted-url-list <exempted-url-list_str>

set url-type {plain | regular}

set exempted-url <exempted-url_str>

next

end

next

end

Variable

Description

Default

"<xml-exempted-urls_name>"

Enter the name for the Exempted URLs list.

No default.

exempted-url-list <exempted-url-list_str>

Enter the ID for the he Exempted URLs list.

No default.

url-type {plain | regular}

Select whether the exempted-url <exempted-url_str>field must contain either

  • plain —The field is a string that the request URL must match exactly.
  • regular—The field is a regular expression that defines a set of matching URLs.
No default.

exempted-url <exempted-url_str>

Depending on your selection in url-type {plain | regular}, enter either:

  • plain —The literal URL, such as /index.php, that the HTTP request must contain in order to match the rule. The URL must begin with s slash (/).
  • regular—A regular expression, such as ^/*.php, matching the URLs to which the rule should apply. The pattern does not require a slash ( / ), but it must match URLs that begin with a slash, such as /index.cfm.
No default.

Related topics

waf xml-exempted-urls

waf xml-exempted-urls

When you configure schema location to forbid using location field to perform malicious requests, you can use this command to exempt specific URLs from XML protection.

Syntax

config waf xml-exempted-urls

edit "<xml-exempted-urls_name>"

config exempted-url-list

edit exempted-url-list <exempted-url-list_str>

set url-type {plain | regular}

set exempted-url <exempted-url_str>

next

end

next

end

Variable

Description

Default

"<xml-exempted-urls_name>"

Enter the name for the Exempted URLs list.

No default.

exempted-url-list <exempted-url-list_str>

Enter the ID for the he Exempted URLs list.

No default.

url-type {plain | regular}

Select whether the exempted-url <exempted-url_str>field must contain either

  • plain —The field is a string that the request URL must match exactly.
  • regular—The field is a regular expression that defines a set of matching URLs.
No default.

exempted-url <exempted-url_str>

Depending on your selection in url-type {plain | regular}, enter either:

  • plain —The literal URL, such as /index.php, that the HTTP request must contain in order to match the rule. The URL must begin with s slash (/).
  • regular—A regular expression, such as ^/*.php, matching the URLs to which the rule should apply. The pattern does not require a slash ( / ), but it must match URLs that begin with a slash, such as /index.cfm.
No default.

Related topics