Forum Discussion
hooleylist
Aug 29, 2012Cirrostratus
You could try to use an iRule validate the HTTP requests which trigger the XSS being sent to the client, but iRules aren't very well suited for doing validation of payload parameters. That's where ASM (Application Security Manager) would really help. ASM provides full validation of the HTTP/S request components and provides very good default attack signatures and meta-character enforcement to mitigate XSS vulnerabilities.
Aaron