肥皂Web服务请求由AWS Web应用程序防火墙交叉站点脚本规则阻止

以下请求被AWS Web App Firewall跨站点脚本规则阻止。但是什么是可疑的？对我来说一切都很正常！

POST /package.asmx HTTP/1.1
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; MS Web Services Client Protocol 4.0.30319.42000)
VsDebuggerCausalityData: uIDPo313Tw/LhjNJn3K1llXBHoEAAAAA9KbUetLg5kixdCJ3yXly/+zfyrFP4XJPrTb7S6ewbdQACQAA
Content-Type: text/xml; charset=utf-8
SOAPAction: "http://www.ingeneus.com.au/GetAccountStatus"
Host: www.eyecloud.net.au
Content-Length: 618
Expect: 100-continue
Connection: Keep-Alive

<?xml version="1.0" encoding="utf-8"?>
<soap:Envelope xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema">
    <soap:Body>
        <GetAccountStatus xmlns="http://www.ingeneus.com.au/">
            <sBusinessDomainId>1</sBusinessDomainId>
            <strRddSerialNum>EC1600027</strRddSerialNum>
            <strPassword>2bb4f34fdff49f1f56b6e708ab49ff22</strPassword>
            <bRegisteredInCloud>false</bRegisteredInCloud>
            <bAssignedToClinic>false</bAssignedToClinic>
            <bAccountActive xsi:nil="true" />
            <cPaymentStatus xsi:nil="true" />
        </GetAccountStatus>
    </soap:Body>
</soap:Envelope>

标题SOAPAction: "http://www.ingeneus.com.au/GetAccountStatus"正在触发规则。

更改您的代码，以便将其删除或更改为SOAPAction: ""。

相关内容

最新更新

热门标签：