Specifying string with semicolons in UrlScan.ini


Problem description

I want to block user-agents with UrlScan on IIS 6. However, I am not able to specify a user-agent with a semicolon in the string. I think this is a very common scenario, but I can't find any answer on how to escape a semicolon in UrlScan.ini (where semicolons are used for commenting). This is the rule:

RuleList=DenyUserAgent
[DenyUserAgent]
DenyDataSection=AgentStrings
ScanHeaders=User-Agent
[AgentStrings]
Mozilla/5.0 (Windows NT 5.1; rv:6.0) Gecko/20100101 Firefox/10.0.2

I tested it and it blocks all the user-agents that start with "Mozilla/5.0 (Windows NT 5.1" because it considers the rest of the string as a comment.

Recommended answer

It seems like you would need to URL escape it, i.e. %3B

See http://learn.iis.net/page.aspx/476/common-urlscan-scenarios/ for examples; one such example they have is blocking semicolon in the querystring to block a SQL injection attack.
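The truncation reported in the question turns one exact user-agent rule into a much broader block, so it is worth auditing a UrlScan.ini for deny entries that contain a semicolon. The following is an added example, not part of the original post or of UrlScan itself: it assumes the comment behaviour the question observed (everything from the first `;` is dropped), and the function names and the `BadBot/1.0` entry are constructed for illustration.

```python
import re

# Constructed sample: the rule from the question plus one clean entry.
SAMPLE_INI = """\
RuleList=DenyUserAgent
[DenyUserAgent]
DenyDataSection=AgentStrings
ScanHeaders=User-Agent
[AgentStrings]
Mozilla/5.0 (Windows NT 5.1; rv:6.0) Gecko/20100101 Firefox/10.0.2
BadBot/1.0
"""

def parse_sections(text):
    """Return {section: [(line_no, line), ...]}, keeping comments intact."""
    sections, current = {}, None
    for no, raw in enumerate(text.splitlines(), 1):
        line = raw.strip()
        m = re.fullmatch(r"\[([^\]]+)\]", line)
        if m:
            current = m.group(1)
            sections[current] = []
        elif current and line:
            sections[current].append((no, line))
    return sections

def effective(line):
    """Assumed model: text from the first ';' onward is a comment."""
    return line.split(";", 1)[0].strip()

def audit(text):
    """List deny-section entries whose match string is cut short by ';'."""
    sections = parse_sections(text)
    findings = []
    for lines in sections.values():
        for _, line in lines:
            key, _, value = effective(line).partition("=")
            if key.strip().lower() != "denydatasection":
                continue
            # Follow the rule to the section holding its deny strings.
            for no, entry in sections.get(value.strip(), []):
                eff = effective(entry)
                if eff and eff != entry:
                    findings.append((no, entry, eff))
    return findings

if __name__ == "__main__":
    for no, entry, eff in audit(SAMPLE_INI):
        print(f"line {no}: written {entry!r} -> matched as {eff!r}")
```

An entry with a deliberate trailing comment is reported as well, since the file alone cannot show whether the semicolon was meant as data or as a comment.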
