This section explains the limitations of the import script and manual changes that can be applied.
DAST scanners can report multiple issues that are not handled by the avi-iwaf-vpatch.py
script. Though many of them might be beyond the scope of WAF, some can be mitigated by appropriate settings in Avi Load Balancer. Following are some examples:
Issues related to click-jacking can be mitigated by adding a
X-Frame-Options
HTTP header.In the Avi Load Balancer admin UI, navigate to and select Add Header option.
Some issues related to cookies can be as follows:
A cookie has been set without the HttpOnly flag.
Cookie Does Not Contain the secure Attribute.
These can be set by selecting appropriate options under
.