Q&A: What are the default meta characters that are not allowed in a Parameter Name for a WAF policy?

Question

• In relationship to "Illegal meta character in Parameter Name", what are the default meta characters that are not allowed in a Parameter Name for a WAF policy?

Environment

• Silverline WAF
  • WAF policy/policies
  • Illegal meta character in Parameter Name

Answer

• These are the meta characters that are disallowed by default

• Hex	Char	State
  0x0	NULL	Disallow  (cannot be set to allow)
  0x1	SOH	Disallow
  0x2	STX	Disallow
  0x3	ETX	Disallow
  0x4	EOT	Disallow
  0x5	ENQ	Disallow
  0x6	ACK	Disallow
  0x7	BEL	Disallow
  0x8	BS	Disallow
  0x9	TAB	Disallow
  0xa	LF	Disallow
  0xb	VT	Disallow
  0xc	FF	Disallow
  0xd	CR	Disallow
  0xe	SO	Disallow
  0xf	SI	Disallow
  0x10	DLE	Disallow
  0x11	DC1	Disallow
  0x12	DC2	Disallow
  0x13	DC3	Disallow
  0x14	DC4	Disallow
  0x15	NAK	Disallow
  0x16	SYN	Disallow
  0x17	ETB	Disallow
  0x18	CAN	Disallow
  0x19	EB	Disallow
  0x1a	SUB	Disallow
  0x1b	ESC	Disallow
  0x1c	FS	Disallow
  0x1d	GS	Disallow
  0x1e	RS	Disallow
  0x1f	US	Disallow
  0x21	!	Disallow
  0x22	"	Disallow
  0x23	#	Disallow
  0x24	$	Disallow
  0x25	%	Disallow
  0x26	&	Disallow
  0x27	'	Disallow
  0x2a	*	Disallow
  0x2f	/	Disallow
  0x3a	:	Disallow
  0x3b	;	Disallow
  0x3c	<	Disallow
  0x3d	=	Disallow
  0x3e	>	Disallow
  0x3f	?	Disallow
  0x40	@	Disallow
  0x5b	[	Disallow
  0x5c	\	Disallow
  0x5d	]	Disallow
  0x5e	^	Disallow
  0x60	`	Disallow
  0x7b	{	Disallow
  0x7c	|	Disallow
  0x7d	}	Disallow
  0x7e	~	Disallow
  0x7f	DEL	Disallow

Related Content

• Q&A: What information does Silverline Need to Effectively Implement Illegal Meta character Violations?