[mod-security-users] REQUEST_COOKIES_NAMES
Brought to you by:
victorhora,
zimmerletw
From: Nicholas V. <nvu...@ya...> - 2007-01-26 15:06:35
|
Can I use REQUEST_COOKIES_NAMES to exclude cookie names from being include = a XSS rule match (950004)? Adding !REQUEST_COOKIES_NAMES does not seems to = work.=0A=0AIs there a way to exclude cookie names that include .cookie in t= heir name from triggering using some thing like !REQUEST_COOKIES_NAMES:[.]c= ookie=0A=0A=0A=0A=0A =0A___________________________________________________= _________________________________=0AFinding fabulous fares is fun. =0ALet = Yahoo! FareChase search your favorite travel sites to find flight and hotel= bargains.=0Ahttp://farechase.yahoo.com/promo-generic-14795097 |