To reproduce this issue, a policy must be applied to ChatGPT traffic with a DLP security profile and SSL deep inspection enabled. The expected behavior is that the system filters posts containing credit card numbers by leveraging the built-in credit card data type to match the traffic, including cases where the credit card numbers are presented as a list separated by new lines.

Steps to reproduce:

• A DLP policy applied to ChatGPT traffic is needed. This policy must have SSL deep inspection enabled and the dlp profile applied:

• A DLP security profile configuration with a sensor configured with a dictionary matching DLP built in datatype:

• A ChatGPT post containing credit card numbers separated with new lines:

• Notice that the post was not blocked by DLP, even though it contains multiple valid credit card numbers.

Root Cause:

Upon analysis, it was found that this behavior is related to how ChatGPT formats data before sending it to the server.

• ChatGPT submits the content as JSON payloads.

• In decrypted HTTP POST requests, the data appears as a JSON string formatted this way, with the \n separator embedded in the string:

are these credit card numbers?\n4111111111111111\n4111 1111 1111 1111\n5555555555554444\n....

• The built-in Credit Card data type uses this regular expression with word boundaries (\b):
  
  

\b([2-6]{1}\d{3})[- ]?(\d{4})[- ]?(\d{2})[- ]?(\d{2})[- ]?(\d{2,4})\b

• Since the newline character \n is embedded into the string, it does not constitute a word boundary, so the regex fails to match credit card numbers.

Solution / Workaround:

To address this, a custom dictionary data type can be created for credit card detection without using the \b boundary included in the built-in data type.

This ensures that credit card numbers within ChatGPT traffic are detected correctly, even when separated by new lines.

Example configuration with the fix:

With this configuration, traffic is matched by DLP sensor and it is blocked correctly:

CLI Configuration with solution applied:

config firewall policy
    edit 24
        set name "chatgpt"
        set srcintf "fortilab-local-zone"
        set dstintf "virtual-wan-link"
        set action accept
        set srcaddr "all"
        set dstaddr "chatgpt"
        set schedule "always"
        set service "ALL"
        set utm-status enable
        set inspection-mode proxy
        set ssl-ssh-profile "deep-inspection"
        set dlp-profile "block-cc-profile"
        set application-list "default"
        set logtraffic all
        set nat enable
    next
end

config dlp profile
    edit "block-cc-profile"
        set feature-set proxy
        config rule
            edit 1
                set name "block-cc"
                set type message
                set proto http-post
                set filter-by sensor
                set sensor "cc"
                set action block
            next
        end
    next
end

config dlp sensor
    edit "cc"
        config entries
            edit 1
                set dictionary "custom-cc"
            next
        end
    next
end

config dlp dictionary
    edit "custom-cc"
        config entries
            edit 1
                set type "regex"
                set pattern "/([2-6]{1}\\d{3})[- ]?(\\d{4})[- ]?(\\d{2})[- ]?(\\d{2})[- ]?(\\d{2,4})/m"
                set repeat enable
            next
        end
    next
end

Important considerations:

•  The modified regex is less restrictive than the built-in Credit Card data type.
• This may result in false positives in some environments.
• This workaround is intended specifically for ChatGPT transactions. Other applications or websites that format strings differently may not require this adjustment.