Abstract
Cross-site scripting (XSS) is an attack in which a malicious actor submits data or commands through user input forms or through client-side manipulation of the Uniform Resource Locator (URL). Web application firewalls (WAFs) are a first line of defense, analyzing common URL patterns to detect and block known attacks.
This paper describes a novel configuration using the Pulse Secure© Pulse Connect Secure© (PCS©) Secure Sockets Layer Virtual Private Network software and Pulse Secure© Virtual Web Application Firewall (vWAF) that protects a website from XSS attacks. This paper also presents novel aspects of the configuration that control the redirection of traffic through the vWAF and provide fine-grained behavioral control at the application level while decoupling the PCS and vWAF configurations.