Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
BoiceLu
New Contributor

Exception setting for HTTP Body content -iframe injection

Hello, my company website uses the Google GTM service and is triggered by the iframe tag.

We hope that the iframe alarm can be maintained to avoid being injected by hackers, but the URL of the GTM service can be set as an exception.

I have used the built-in exception exclusion function, but obviously there is no way to deal with the http body. Can anyone provide suggestions or assistance? Thank you.

 

Signature <iframe src=https://www.googletagmanager.com/ns.html?id=xxxxxxx height="0" width="0" style="display:none;visibility:hidden"></iframe>

 

Desired effect

If see other iframe tags, will be alerted, but the tag content contains src=https://www.googletagmanager.com/ns.html?id=xxxxxxx,  set exception

3 REPLIES 3
dkv
New Contributor

Hi BoiceLu, did you manage it?

itwwhite
New Contributor

Hi.... Did anyone find a solution to this?

okhatab
Staff
Staff

Hi BoiceLu,

 

You can disable the signature blocking the iframe and create and deploy a custom signature that will allow only the matched URL in the Response Body, and block allow other iframe URLs, using the URL expression (<iframe\b.*?\bsrc="(?!http:\/\/(URL required)).*?".*?>).

 

 

Announcements

Select Forum Responses to become Knowledge Articles!

Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.

Labels
Top Kudoed Authors