HTTP PROFILE
NOTE:
Ensure that the vulnerability “Protocol Enforcement” is in the Application during Process creation. If it is not selected, the configured parameters are not enforced by VSP-Web (on Web Server) on the requests. Refer VSP-Web (on Web Server) Workflow Section for more information
-
Navigate to the tab HTTP Profile
-
Define constraints on the HTTP protocol elements described in the table below:
Parameter
Description
Allowed HTTP Versions
All the allowed HTTP version numbers. Example: HTTP/0.9, HTTP/1
Allowed HTTP Methods
All the allowed HTTP Methods. Example: POST, GET, PUT
Allowed Content Types
All the allowed Content Type value
Forbidden File Extension
Forbidden file extensions during File Upload. Example: .tmp, .exe
Max Parameters
Maximum number of parameters allowed in both URL and request body
Max Parameter Name Length
Maximum length for any parameter name in URL and request body (in bytes)
Max Parameter Value Length
Maximum length for any parameter value in URL and request body (in bytes)
Max Upload Files
Maximum number of file uploads allowed per HTTP request
Max Upload File Size
Maximum size of file uploads allowed per HTTP request (in bytes)
Table – HTTP Profile Parameters
-
The Profile can be enabled or disabled
-
Click SAVE
