Gerar imagem para bloqueio de página via WAF
· 4 min read
Olá Pessoal,
Acredito que temos alguns exemplos sobre as características de como iremos mostrar uma mensagem de erro à partir do momento que temos políticas de WAF aplicadas para determinadas aplicações(externas ou internas) para que de alguma forma possa ser explorado o problema do bloqueio ou muitas das vezes o porque ele esta sendo bloqueado.
Temos muitos casos que na evolução da implementação de políticas de WAF os falsos positivos podem ser gerados por alguma característica da aplicação ou muitas das vezes pelo não conhecimento de como funciona aplicação(aplicações legadas não documentadas), obviamente podemos pensar em métodos de aprendizagem que são executados e que pode ser amenizado as características de falso positivo.
A principio esse post é para trazer exemplos e idéias de como podemos criar uma página HTML para que seja exibido uma imagem/texto através de página HTML sendo executada pelo nosso balanceador de carga, neste exemplo o Netscaler. Inicialmente vou segregar em duas partes, pois o contexto é criar a página HTML e para não ficar extenso, no post subsequente coloco a configuração de nosso Netscaler para apresentar essa página.
Talvez vocês se perguntem, porque eu gostaria de colocar imagem nessa página? Minha resposta seria para deixar mais bonita (rsrsrs!!) e também para que tenhamos maior autonomia dessa imagem e não precise dos times de servidores hospedando a imagem ou de consultas em URLs externas.
Vale ressaltar que no âmbito de mostrar o erro nessa página para um atacante colocando que foi bloqueado pelo ID x ou Y, com log de violação X ou Y ou qualquer outra informação não é recomendado, porém o contexto aqui é demonstrar como podemos trabalhar no contexto de validação de regras ou testes para PoC ou de “quality assurance”.
Desenvolvimento
Na verdade alguns posts, documentação eu fui capturando as informações para consolidar essa idéia e para que de alguma forma possa ajudar vocês a construir os exemplos que absorvem da melhor forma em seus ambientes.
Alguns links capturados para o entendimento e desenvolvimento:
Vale reforçar que as images não são hospedadas no Netscaler, e sim elas são processadas via HTML usando a decodificação de BASE64, para que seja renderizada no browser do cliente. Para converter as imagens podem ser utilizados alguns sites que geram os códigos colocados em nosso exemplo. Segue abaixo:
Apenas um item vivenciado é que para a página HTML de erro do WAF temos uma limitação de 20KB, ou seja, as imagens não podem ter uma resolução muito grande, pois você vai precisar diminuir o arquivo para que essa página HTML não exceda o valor. Neste meu exemplo abaixo tenho um arquivo de 16KB.
HTML Code
Logo abaixo você verá um exemplo de uma página implementada para demonstrar as imagens e logs capturados através do Netscaler.
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="UTF-8">
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<title>WAF Error Message - IMAGE</title>
<!-- Favicon -->
<!-- Typically, the favicon is a small image file (16x16 or 32x32 pixels) -->
<style>
body {
font-family: Arial, sans-serif;
text-align: center;
background-color: #f4f4f4;
padding: 50px;
}
ul {
list-style-type: none;
padding-left: 0;
text-align: left;
}
li {
margin-bottom: 10px;
}
.container {
background-color: white;
padding: 50px;
border-radius: 50px;
box-shadow: 0 0 10px rgba(0, 0, 0, 0.1);
max-width: 1020px;
margin: 0 auto;
}
img {
max-width: 200px;
margin-bottom: 40px;
}
h1 {
color: #333;
}
p {
color: #666;
font-size: 18px;
}
a {
color: #007bff;
text-decoration: none;
font-weight: bold;
}
a:hover {
text-decoration: underline;
}
</style>
</head>
<body>
<div class="container">
<!-- Company Logo -->
<img alt="" src="data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAAIAAAACACAYAAADDPmHLAAAABHNCSVQICAgIfAhkiAAAAAlwSFlzAAADsQAAA7EB9YPtSQAAABl0RVh0U29mdHdhcmUAd3d3Lmlua3NjYXBlLm9yZ5vuPBoAABDfSURBVHic7Z15kBzVecB/3XPtPbvaS9Ieklh0IoQkkECAMLaEAiIBl02wSexyiKsoYleKCklMLlN2qKR8FOWy49ghppDtVAg2CjExR4WAcLAuQAgkoXsPabXn7M7szM599csfo52dnpndmdnd2Z6jf1VdU6/f915/Pd/X/e7XUL6YgT8Bfgs4AVHChwKMAC8Bexbizyt2VgAn0N4wWh0/Byzz/heLFCtwHu2NoPXxs/n+kcXKd9H+zy+U4y5pnn9msWECRoGGqRPmigZWrHuIyuo27bTKA0IoTDpsKEKAiOJz9+AYeQshooliLxm1UlAj1pFgfID1256gvul6jdTJL7LJRtDnAaDaugEA+/AbiSK3youvlqY0J5+wNm7QQo9FwWgwqMJVtV3JIi3l5gAp9ytJhnRyJYFIPpF6r3K5OYBOEroDlDnlVgnMCY+rj4B3GCEUrVXJCtlgosZ6DZbKlKrOjOgOkAa/Z4izx76De+Ki1qrMAYmlnbtYvfkrWUnrDpBEJOzlxKG/Iegb01qVOSIY6X+TaDRAx9pHMkrrdYAkhvteL2LjTzM2eBC/pz+jnP4GSMLlOKMKS7IJWTZppE1uRKMBSKiveJwXqLZumzWN7gBJKNGgKryk9U6a2+/TSJvcuHTmOwS8V+JhJRrImEYvAsoc3QHKHN0Byhy9DpCELJtVYdf4u3gnz2mkTW6E/KOqsGQwzyA5je4ASdTUd2EfeS8ejoQniYQnNdRo7lTVrsoooxcBSSxfdS9Gc63Wasyb+uZN1FhXZ5TTHSAJc0UD1+/4Rk796YVGffMmNmz7q6xk9SIgDXVL1rH9rn/FYfuAgKeYBoPM1NRfG5/kEgjYM6bRHWAGZIOZpmU7tFYj7+hFQJmjO0CZoztAmaM7QJmTbSXQDLRc/S1mliWfCHhH8nYxSTJgsliRs+iRywkhCAWdSJKMyWKdV1azOcAu4HPA3UDHvK5SwLz7xpfzfg2zpZ76li00t91G09JbQJrbgiy/Z4jL51/APnyUSNgLgMlST0v7HXSu/RxmS33OeabTZBPwfeDOOWmpMys19V1ce/0jWJs25pRubPAg5z54GiUaShtvsli57ua/Uy10cbvs+NyueNg7eZ4r53+oSpe8UuAB4NfAmpy008maUGCC0SsHkGVz1quSXPYzfHz07xFKeEYZJRpkfOgILW07MZprYtcK+gmHpie4hIN2Ju3vqdIlVgLvAV4AqrO9GZ25IYRC7+l9DPb8dzbSdJ/4MUKJZJSMhD30nt6Xky5TdYC1wC9JfiPUNCDtehg27UJashwMesdhItKlHvC6ZxYQCsLrgP4TKB+9Au5xVXTPqWepsV4za3HgcfbicfWqzu35ZD3f/FoHPr/CX37jEsdPeuNx40NHiITcWQ9oTVn020CN6uZuuhfpK89Ade4Vi7JAicLwGJhqZhWTGtqg/XoM238f5c1/Rpx4LR4nRJTuk89w4yd/MGPF0O3sVoXrag3857611FTHntUXn1tL103HVXl6XH3UN2/K6jZkYDNwv0rpzXuQ/vx53fizMekCJYdBIqMF+e7HkW7YqzrtcfUyPnJ0xmTJEzubG01x4wN0LLdgMqmdJxr1Z62WTKziN425EumRfwK5dFfNLgSSa2JO6eTdX4U69VDz+OChGeWTh6V7Lwd48/+ma/b7/sNGOCyS0rRkrY+RWHs/jnTrA9CY224ZFQZ4dCW0WOAnl6DPlzlNqwUeXSURUgQ/7gPnzBXcwkMImKMDYLQgb7oH5eDP46cmbB/OKF7ffAOybEK52gIQAvY+dIa9uxvw+qK89Y5LJW+pbKLGujJ7dYBO1ZkNt2edGKDKAPu3S+xsjIW/0AGbDwgcsxi0oxJe3SGxqgpA4p5WuPOgQElZ0F6geCYhkrlWPiOdm4lt1BUjFHShKOG0C1CMpmqWX3MvA92/ip8LhwUvv+5In/XaB0nfvZMemVgX7zT1rVknTjY+QIMJNs3SO6k2fowtVqgrogaGZJ/f0jGpeknSGUE44JxRftWGL1HbkLlrpnn5bSxftTejXCIyyd3BWZb91UbYvx2V8QEmI3B6hjmUnZXwepLxAU5NxtIVBUoUnHN8/U+R5j9O2rwpSdzMDbf/I62du0j3dEuykY41D7B++xNp42djTs9dtRFe3AY7G9UXCyrw8HHBWJreys5KeG2HxIok448G4Y8+KKLXv8Mec4JFxmCsZN2Nj9O55gHGh4/icw8gSQaq61bQvPw2LFVzm8OYswNUGeDFbVLKkx9S4IsfCN6wpabpqIRX0hjfFoTfOyK44E1NU7DM8/U/X6pqO+ms7cwsmCU5OUC6Mh9ixv/CB4LXR1PTpCvzIWb83z0iOOvJVWXtkHye2Xv+ipCsJ4SUu/EBGB3WWoMFJysH0I0PhELgTN/00gJFCWc1QJSJjEWAUUpv/KACf3Bs5jK/pIwPSLbhWC+MhoQCDvov7Gd8+PDVXUwkqmraaG6/g/ZrP43RlPtAbkYH+Mzy1KZeuRmfcAjG09zsIuIYPc7Z978VnwkUQ+DzDHD53POMXP5fNu54khrrNTnlm7EIqExqspad8QFpZFCTpt8UHmcPp999Ksn4aoL+MU4d+jpBf+bVQIlkdID9Q3DsaieVMwyff7+8jE8oCOPaNv0unvjRjFPBEgkFnfTlOCEkowN4I7D7kGDL27DuLcGbaf6LkjU+IA1fUW28tNh4Jy8z6VDvT3Drtlpee2E9+/etZd3qSlWcbfC3RCNZjMZdJat+gKiAbm/6ClBJG9/nifX8aYh74rwqXF0l88rz62moj5luw5oqNtw2PZoolAhuZ0/WW+DPa2FIKRsfIRD9fZrX/CNh9dO8fKk5bnyANV0VqRNCcngDzNkBStr4ALYRJJ/2fdSWSnUTrOdSgKPHpnsjf/myPXVCSEVT1vnPaTCo5I0fCsbK/gKgvvkGJMkQHy1UFNj1mdM8eH8TXl+Ul15Vd06ZLfVUWzNvDTNFzg5Q8sYHpCuXcpvvl0dM5jqWrtzDcN/r8XM+v8JPX0jfL9Gx+rNIUvYv9pyKgHIwPmOjc5/ulSe6Nv4x1XUrMso1tGyl7dr7M8olkrUDlIPxJb8PafCy1mqkYDBWsXnnt2lcenN6AUli2cq72XjL13P+BE5WRUA5GB9Fgb4LBfPqT8ZormXjjieZdJxjfOgwPk/ChJC2nVm9IdLmm0nAakxv/NEg7D1cZJM5ZkHq74VA5s2VtaZuyTrqlqxbsPwyFgGfbaPkjY9tBBzjmeVKkIwOMBFWdzKUnPFdEwVZ7i8WGR3g5WHBc5fBHYF3J+CeEjK+5PMg9XVr3tunJRnrAIqAx04JHju1GOosHlLAB93nNB3mLQTKc5OoQAAunpvf6p4SoYjW4ywQAT9S99nYLB+d8nIAyeeF7rP6k59A+TjApBN6L5Z9mZ9MeTiAbSTW1Cvj2v5MlLYDKFGk/kvgKP4PQeaL0nWAQCDWt+/PfnZMOVJ6DiCA8VGkwX69vM+C0nKAYDA2qON2ZZbVAUrFAYSAsVGk4X6IFuZwbqFS/A4wNZhTBEO5hUjROoDkdSOGriC5i/ObfoVCcTmAANxOpNEhcE/muBuOTjqKwwEUJTZhwzaMFMh+F0ydzBS0A0g+b6wTxzGu99/nicJyAHF1PZ5rIrYbh/605x3tHSAcipXn7snYgI0+TLuoLK4DKFEkvw/h8yH5veBx60+5xiysAygKRCNIkQgiFIytsQsGIBiMGToUBCH02nsBkeIAUs85JFEHRgNCNoAkISVubSoBIvbZExQlZlBFgXBY1feuG7k4SH0DKAIiYYiEZzWibuDSoDwnherE0R2gzNEdoMzRHaDM0R2gzEltBYxeRJ87m2e82m49l0iKAyi/+YkWeuhohF4ElDm6A5Q5ugOUOUbADcQ/Nf2pB79E59qZv2atkzv24UFsV/riYZ/bxanDv1HJGObwsYeFQAZUH8JxafxVrFIkElLPcfB71duqybIJk3n2r5DnCxlQ7f1x6cxJTRQpZXxu9caTjpFBVTi2xZs2w2sy8HLiCfvwAH2nT2iiTCkS8HoJ+KbXJ7qdDhxJXx9rXHbLYqsVRwZ+Baje+4dfeZGxwX5tNCoxbAPTZX/A56X7xPuqeFk20dr5qcVWK44BCAFB4J6pk0o0Su+p40iyzJKlyzEYtJ86WIzYhwZwjo0gFIWxgct0nzxGOKk+0NZ1Hy3td+Tl+qGgn3AoGA+Hg3Ym7e+pZKYKHgPwKvA7yZkYjCZaOlZSXWdF1h0hSwRBnxe/e5JQMIjbaSeaZlp7jXUVm+/4LgZjZZo85o/bZceXsFDWO3meK+d/qJKZsmgU+DxwANiSKBCNhBnuu5gXBcuZiqpWrrvlybwZP1sSO4KcwE7gRY10KRvqm65n653fo6KqRWtVUgaDvMCDwB7gKWD7omtUwlTVtrNy3R/S3L6TQplVOVOh/sbVYxWxymEX0AqY86jLXiDeHda4rJ3ahiXzyjDo8xJMWHcQDgZxT6iHYpvbbp/XNWZDkmRMlgYqqlpoaNky5y3d80mmWl0f8KPFUAToAeLfPV279WbWbJ1f+9h2pQ/78HSni8s+xrljh1UyG7b/9byuUezog0Flju4AZY7uAAuIUGZfwp4pfrHySETv2VkAXPbTnHnvW4RDk7R13UfXxi8nSQjOH/8Bo/1vYals4rqb/5aa+i6VROwL4f9A0D/O0hW7WbPlT0luKfScepbB3l9jtlhZv+0JrI3XqeJ97gFOH30Kv3eIprbbaV/9cEbd9TfAAtB94l8IBRwIJcLAxZdwT6g7ziZsHzJy+Q2EiBLwjdL78XMpefR8/CwB3yhCRBm+9D9M2D5SxbsnLjDQ/V8IJULQb6f75DMpefSd+Rk+zwBCKIwNvINz7FhG3XUHWAACPltSeHTWeL9vZN55BLzqeIBgkkzIn/k7SLoDlDSZJ/gvRh3AAjxErEOpg5k7k9oSAycPHuD88XfndeFIKEgkHI6Ho5Fwiszxtx9Lm1aSjVgqm2ho2UJL+yc077PPF/l2gG3AL4j1KOaExzWBZxE+4ep2ds8aPzZ4kEtn/511N/4ZDS1b867PYpPPImAL8DZzMH6hEQo4OHXkm0yMfZQ23mCsmD1sSI5PfZukyKSkyZyHnCQjJ+WRjnw5gAH4NxL69osdoUQ4d+xplGgwJa61Y3pGT0VVa0rzrKFlC2ZLfTy8tCN1BlDirCBzRQMNreq3jbXxOiqqWtPKp9PDaKrG2pT5jZWvIam9xCaYxKlb0sTKDTdgsljydMn5E/T7cI3HatJKNIpzbATvpHrn8bVbH2Ppij0paR0j7xMM2GlefhtGc21KfCgwgX34KBU1y2ho3pz2+hO2jwh4h2lcdgvmioaU+HDIzfjQISyVTSxpvSltHi77abyTl2lcuo1QSM44ISRfDvA08PhUoKq2jk8/+heYKwq9IiW4+OH7RK5uVSeEwsdH3lH9iS3tn2D9tq9ppWBOZDMjKF9FQKsq0HlNERgfQMJcMV1uSpJMQ7PqVgiHiudbBClPt0j5gIaSLwdwJgYco0MoBfpZ9mQSm41ASkukmJqDkaja4D53SovHlq9m4GHgq1MB17iNA7/Yx+ot2zFZMtdMtSLk98WnwytKFMfIUMpKKYOxKqWbthARQsHlsCGEABHF5+7GMXIgWexQvuoA1cBFYFme8tdZGO7KZ+b3E5ttLPSjII99M5tu4fgi4Nfg5vRj9uOnxLroF4UVwPeBC0AgDzejH5kPhdgq8P3A7kTj/D+KmI36vgwvsQAAAABJRU5ErkJggg==" />
<!-- Message WAF-->
<h1>Your request has been blocked by a security policy<BR></h1>
<h3>Access has been blocked - if you feel this is in error, please contact the site administrators quoting the following:</h3>
<!-- Funny Image -->
<img src='data:image/jpeg;base64,/9j/4AAQSkZJRgABAQEASABIAAD/2wBDAA0JCgsKCA0LCgsODg0PEyAVExISEyccHhcgLikxMC4pLSwzOko+MzZGNywtQFdBRkxOUlNSMj5aYVpQYEpRUk//2wBDAQ4ODhMREyYVFSZPNS01T09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT0//wAARCACAALUDASIAAhEBAxEB/8QAHwAAAQUBAQEBAQEAAAAAAAAAAAECAwQFBgcICQoL/8QAtRAAAgEDAwIEAwUFBAQAAAF9AQIDAAQRBRIhMUEGE1FhByJxFDKBkaEII0KxwRVS0fAkM2JyggkKFhcYGRolJicoKSo0NTY3ODk6Q0RFRkdISUpTVFVWV1hZWmNkZWZnaGlqc3R1dnd4eXqDhIWGh4iJipKTlJWWl5iZmqKjpKWmp6ipqrKztLW2t7i5usLDxMXGx8jJytLT1NXW19jZ2uHi4+Tl5ufo6erx8vP09fb3+Pn6/8QAHwEAAwEBAQEBAQEBAQAAAAAAAAECAwQFBgcICQoL/8QAtREAAgECBAQDBAcFBAQAAQJ3AAECAxEEBSExBhJBUQdhcRMiMoEIFEKRobHBCSMzUvAVYnLRChYkNOEl8RcYGRomJygpKjU2Nzg5OkNERUZHSElKU1RVVldYWVpjZGVmZ2hpanN0dXZ3eHl6goOEhYaHiImKkpOUlZaXmJmaoqOkpaanqKmqsrO0tba3uLm6wsPExcbHyMnK0tPU1dbX2Nna4uPk5ebn6Onq8vP09fb3+Pn6/9oADAMBAAIRAxEAPwDz0qpx81PVB6j8aEjBI+cfrUvlIWIMijHsf8KYCeWCSCyinxQrvGZFxnnrT/LjLf61Rx6H/CrMdtF5YczLgnHCmmAyKwWQEieMAcnIb/CrkOjowybmBv8Avr/CrFlBb+TIJLhVLAAfI3r9ParsFrbyssYuwGPA+Q0AUE0+IRsjXESNuBBwxGOfakls4ocK91FnAOMN0IyO3vWhNFAoIWcEjqShpslvZXBUm9CtsUH92xxhQP6UAY/ko5wJUz6kH/Cp5bJJpZZI54yvL4KtkDP0961RplosSub5cMSB+6PbH+Ip8VtYxrKGu9xdNoxGeOQf6VIGPb2kDcPcIB/ut/hWjDY2ixyR/aVBOMHY3+FSW9lbSSiNbjJbgYjPWrJitYx/x8biOM+X1/WpbAgtrKCC4hlkuY9gO4YVuQDj09qpm1jTrcR/k3+FaciWswi3TuuxcfLH7k+vvS/YLWSJpftJ2qQvzR9zn39qVwMY2kbvtDoScn+Lt+FJ5FsIXXz48llIADds+3vWtHawJMrGfcBnoh9MVTlsbcD/AI+T75jPFK4zNNrHncs6enRv8KjeEookLqULFQcHqPw961fsFvExWS6bcOwi4/nTbmG3a0EKSk4cvu2eoAxj8KVwMqbyy24OnI6c8fpVV4xuysqkn6/4VpJYxuHIlb5Fy2U7f5NVWgjR9xl+UEdFNMCkYxuILrkfX/CmtEBzvGPoauSJEXJ8wHJ67TUUqICBvGCOuDQBVdUZyUIxn0NFKpVCQWopiI1BDBuTg1YjK7jnP5U1ShxkN/31/wDWqzGsBTd5b5zj7/8A9atQEIjB6tyB2q1FtMSoGIw2c7fp/hUkFvDO4yjIB1+b/wCtU0SQBgFRz7eYP8KAJreOFwcyMCFJ4T/69WLSSzimRpHmYKQceWP8akt7Ryx8uxuW3DBA5/XbV1NBdlVltZgT1DyqMfpQBVeOymcuslwqk8fIvH60ktpaRS7WmnI2g5EY7jP973rYttFAB8xSpHT97n/2WpzoUE8u+R5FG0LhW9Bj09qkDIxZTWyRlp1KMTnYvOce/tSG1tSkjI0p8td33QM8gevvW4nh6zTndM31Yf4VYj0u0TcBETuGDlj0zn+gpAczAbOKZZAZiVIPAFO22u7P79ie20f410v9mWiyKywD6cYGOatPLb2lu0rvHDCvJYkKopWA5yPTkZVZLe5IcAg7MVaj01jA8Ajk5cN8xUYwD/jWjLq1hHYC9M6tbsdokUFgTz6fQ1UvPENpa29vMI5pFnUsm0AdD3yaOUBkWiBeJXOD/d5IqvJosJaYiZ8RDkbRk8VUHjTzJ/Lg0/OQcFpeeB6Af1rUW8kbQprwJ5UrKHcHnHPPB9s0uVARtoMV1cO7s8WQPlyD7Hp9KuQ+H9OhKnyzJgYO85yc9SK4WXXtTMY8u6aPcucRhUwe/IHrXo1tP59lBOP+Wsavn6gGqUUAxLK1i/1drCn0QDNY3ia0S4gjjMaZeQHf0YAccc89T+ddCOTzWJ4hiLRi4CMwhGeTjGenbn/9VD2A4IxQZxmTn/ZH+NQTKmeC3HHIq85hD4ETgf7+f6UwwJIxIVsYz1qBmY0SkBueSRRVh/LGFEbDHX5v/rUUwM6IkkZGatpJtXaFXB571Wjwcjjp6VbjXAHAI+grUR0XhqLzrySM28bRGH53YE7CRwRz1ya6Hw7bmyyoiTbNEsolQkgnnI69sj8657w88jXi26soimwJOONqgmu4tLYWsC28ZLKnC+uPoKTAn4J6GggDgCkxj2pR1NIDH1zXoNGkhSW3klaVSy7SAOPX86yU8aL543WIWLPLCcFgPpj9KX4gwhraxm6bJWTP+8P/ALGp9XjW58DwTMg3RxRPnb0PCt/M0AW9e1s2ekxXFirSPc48phwAMZzWG0/iOztYdRlnk8uTBAZlbOeRkY7/AEpsrPJ4Ms5FUloLhozkZwDk/wCFbV432nwKrHlkiT/x0gH+RoAzPFkp1LQtOvVxHvLK6k4AYjkfmppmgzfavC9/pkjqzwo0iBWB+Xrj8x+tG9ZfAxbAf7PcZxzxn/8AaqG1JspdOvlWNLa6iMcgUHtlW9T0waANDw3breeErizmQytDK+1AcEsACP1re07SoYNMtbe6hjleJDneobaTyf1rJ8FyM5vY3cMQUIIUD1Hbr0HWupXGOpP50AcJpiCy8czQLCqJJJIuQO33h/IdK6m9BmsLyMR53xsv15IrntTxb+OYGAUGR4znHOCAp6/jXWOCCTgEDaORnvSYHlUCfuWUHlBkDGMr/wDWr0fw2/m6BaEnOI9mf90kf0rhLi3W0upI9ozFIRnGSMHHr6V2vhE50jbgDy5WXGc9cH+tMDXxt6ZrO1iTZB8wQxblDB225yf8K1W/zmobi3iuIwsyhsHK5AOD60MDzm7kSOWRRBH8rEd/8aoS3LqTtRB+fNal+8wuZ0kCl9xJLxKGOecnis+7k+WMAJkoN37sdfyrMCpGRKzFlAP40U2SRt3ykD6KBRVWAqQhx61dj34xzTRFMJMIr/dHT6VcSO5jij+WQHc3y8+g/wDr1dwNjQMjWUid2iDblVsY2nH/ANbH413eN3U5Hoa4bRmf7YI5t4VioAJIOSy9D612wLL1Ix7D/CkA7AA+UAfSlxx9KTIIzz+VIJAf7wHuOv5UAYXjODztCY4B8uVG69Mnb/7NUenbbvwPJEeNsUi8jdjBJHb6VpeIIhPoN6hyB5RbOM4x839K5TSvE0Fjo8ltJHczO5J3KgIGQB0J/wAKAItKmS58IarHHuk8iZJRvIBOcDPfsDXQaBi68ITwDB2rIgHBwSM/1qn4V0ovp2oeak0UN4gjTeoVsAHnA+vXNVraw8R6ZHJZ2qu0b5BI2lW7ZyeRxQA/RF8/w5q0BOQiiUYzzjJ/9lqzp9mdQ8IPGEJeCUvH745/UE/jV/QdFmsdNnS4cC4uAQwQ/dHOOfxPSjw9pEukQzLdXKzvIwbIBJBxzyfwoAzfCDMmpyxtubdET8zFuciuxLOQMYIrB07w9YadqLXtvI+4liseV2rntjGe/rW2JGDYDAZ9BQByni+Q22pWtwH2kxgc56q35d66xZAwDA5B6H1qhfX9jbMv2x0LgcZUuR+A5qS0vba9iL2sySAcHGRj6jqKLj5Xa9jiNfd7bXbpCnDPuyeR8wz6e/rW34HuTJbXcY6RshGRjqD/AIVkeOowmqQS5KCWLsoyxU9jn0IqfwDO7Xd5ESceWpG4nPBI6En1oEdwck9aoahaXNw4a2vGiYnkZ4x7Crm6kzkj34oA4zVlvoL+VQ8zZbIKkkY7fpWPdNeE/Or5/wBzFdlrttJJIzqrsPKA+UHrvH+Jrn2gkEkR8qXKyDJ2npWezAxrUSsX3ozYxjcKKhljlRypRxj2NFMClCsjtwCTWhDFK2BtyaoQKQQ3y9D1Iq1HG/HKn/gYqwNIQXH9otcRRsVWbeDx03ZFei+YDgBZP+/bY/lXm0cDg4coufVx/jXolpGr2cEm+RmaNTnzDjOB6GkgJg4boH/FSKQtt6+tO8mNgQwBJOQSMkfnTEsIVkDhclSD0HbvTAA8cgKMVYMMFTzmq6HSrUfuhaRDJOUVV+vSrTQZRVWSRcEEkNnP51yFhbRTeJJrK4LeWGkChXI6HPb2qG2jWlTUk2+h1ltdQXJLQSiQA4JDZH51TvdSuLe7NvDZrIeMM84QHP4GsGHZpPi5IFlYpI21Vyx+Urke3XH5VDrcSX3iW5t1iAlEWQ2RliI9w/oKTk7GsaMVLXa1zrkuJZrISRAB2QnIYFQ319M1zmma9cy6nHHeXlvJHJ8myMqcMehz9fc9ak8EXKzWMtsf3jQuGXd2B7D8QfzrmHs2S4vkQOHtSX29AAG2kj8wfwpOT0ZdOkrygzqEkuYfGTRvdsYXHyws5IGVz93p1HrUGmb7bxZNCDFmRpOmC+PvAdfYVTa8M+t6Xf4jQSpH5rucYYMVYD1+nvUmoSSWvjqIpK6pI8ZOz5chgFOSOtF+pXLuvL8hlrYnVPFNyupxSGPdIV3AgHBwBn0x6elTaZYPpXi5orVJjbPlW4+UArkZPfBxTYI2tvH7DaSrSHJyT95P8TXZSOkZ/eSqgPq2KcVcirNxsujRy3j+2dtNt51BBjl2t8u7hh1x+ArJ8ASKuuyoTkyW57ehU12urafaXthJbXeEiYglgQpBBz1NZGn23hzSrtJLe7jM5OwHztx546DitDjOiPBNUZtOSTcPNlAZssMjnnPpWiaTbSauBg6zYiLY0Jdy42kHHasGW2mWLJjOD3yK6jX7dJLMTlQGjIw2exrmbhkaERllxkn7w7gf4VnLRiZizwuspBQ/hRT5rYyNlSvHuKKdwMlBhR8wqdTwPmFVlChBiQZ+hqeKEMP9cn5H/CrGXjIJZCyOoCoMk57ACuv0DUZbiyjtoJF3QRkEkZDc8c8YP19K4+3jgjEiyTqGZMD5Se4NdR4SW2gEhW6iZ3YK6k7SB2Iz16kflSA6lGYqrMu0kcjjinHB5bJ9M84pvA67R9cCkPXI6+tUBJu9hXD6lctpvjB7hV3qpD7c4zlcHn8TXboMjvxXH+KQbTxBaXIBA2o2fdWP9MVFTY6cL8bXdCWkd7rfiSPUWtxDDEyksRkAL0AJHJzUkRUfECaR2VVAwSeMfuxXYk+9cRd2K6n4umtnkMYLFty84woqWrGlOaqN30SQaQwsPFzwRybraYtGCjZXnleR+Ap8USw+Obi3dG8q53ggn5SGTcaZrWirpdxaXFi0shZs9AcMCD2H+cVpXenzz+J7LUILaUxssbswH3c8EH8KWuxo+V+8nun96OOvrSbTtQkt5GVRBISjN1PoQPcYre8XKF1OxvoyeYwRz6Nn+orX8S+GZdTuYbm0VPM27JN5xwOhqxf6BPfWVhG0qRy28ex2AznIAOPyo5XqgVaDcJN97mP4hza+JLa8H3CI5Cc+h5+vAqPxld211JavZTCdwGDeU2R1GOn48V1lxpMF5ZQ294C7RKAJF4OcYJH1qlaeGdOtJ1mAkmdDlfMIIB9cACqcWZQrU1ZvdD/EcTzaBdDHzbA/0wQT/KvN5EcMJAUBzxgHOfxNetMqvGUkUMhBBVhkEUiwWtsq7VhhDHaoVQuSe1aHGOUiSNZF+6wDD8aUqMc0C5tvNaFpk8yNQXGemaoXWsWUErxvcwA4yh3ZB+uOlK4D9Yt/tGkzIAN23cCe2Oa4KaLABMsf51vXt6glLJqkhZwwmRd2wHGOBj1zXONsYENOhx/sn/Cs5O7JYKixO4eZAeOOf8KKZcRxTTM63Uag4+8G9PpRSAw48HOGOPpVuNkTGHPv8tUUZVUgE8+1TxmPjLN+X/161KLrtG77gew7V0XhTS7e7uXmleTzLZkkUDgHOcZz9BXNARIQN7ZIB+768+tdB4d1a2sLt5JHcI0OCNo5I6d/rSGd6qccUeW2ayovE2nPbGRTIXRFZk2+pwf8+9Nt/F9qHPm20uznBUAnrx1NO6CxshSDzWdqmh22qSxS3byKIQ2NpAznHXI9qY/iyzlxttZh/vYFQNr0kRETSeYNoPzRbsgjPXI7Gk2iouUXdG9BCroAhLADGc5zRFpVrHctcrbxCdusm0bj+Ncu+rqqqYJ5ImXOdkYA7dt3tT4NRlui3/EwuhsUsQRjI/BqXOKzOifT4BJ+7Z4XOSCjYBOfypq3kVkRHdXccpOeUXkfXB/pWBFfWokWR55SVbJzH1/Wklewlcv58uGJPEQ4/Wp5uwWN+41TT5YAUnKup3LhWzn39qVNUs5Y3kRmXaQCCvrn/CsdbG3WNJRcSbZBkfIM9cevtSj7HHG8fnyZYg8qOMZ9/ejmYWL/ANvUnLS/Lk5+U1BJfNkrHOmD0/dE4/Ws8LbSSrGk8u9mC/cGMn8aiZrdMqZ5sgkfcH+NLmYrEt9eXML7H1DaCoOFi7EZqm90j2oie7kcowKsVPHHSmX7W1xIsgkmXairjYD0GPWqjpD5DyJLLtQgH92Oc59/aluIakSzzMqz/PyeVPIAyapziE4/fZ/4CafFcw21z5oeR8Kw5UDqCPX3qk7Qc/PJ/wB8j/GnYRNLNG8ruHxk5+7VOchW+/1GelSSeTE20s/QH7o7jPrVe4mjdgV34wAcgdhihIRGWXux/KiomZM8FvyoqrAUwAPWrChBEGO7riosoTnafzpzPhcBTj61ZRZd42wQG4AHX0GKkt5IQRvRyP8Ae/8ArVU4AU4b5h6+9SK8Sgfu3/77/wDrUDN22urCFJIzFOdw2lg46ZB449qe0togUp5zbxn5sDHJH9KyLd45pShDDIZvvegJ/pTjcR4QGNvlGPv/AP1vepsUjVW6txwTOPxFXYZra7mVWScYj67x/Cv09qworiErgwsffzP/AK1Xo7i2t44pEjk8x1bOZBgA5X0pWGjSV7FlwUnHvuB/pUrPY2VxJGGn5TGeO4BrIS+tBgNBIffzf/rVYhmtL+9JeKRdw7SDgAfT2pWGWYlsZZN3mXGT64q+sdgLeQpJMTHgkcD2rIE9m4Ci3kUD0lH/AMTVhb21ijdRA+HGDmUc85/u0h2NEXcUot7dBIuDsB3Duc5/Wqkl3CCQY5W/7aj/AOJqFr2ztzBcJbMcjcA0pOCD7AelVGvbR2/49MH/AK6miwi9HfW0dxHJ5UuUYNjeD0/CnNLbzCadY5gqYONwHU/Q1VtZrS4u4YfspUyOF3CQ9zio21GOOOaHyW2uRn95zx07UWJY4y20kqRhZVLsFyZB3/Cq0t5CqSRKsmxmGTvHbPt71A11AkiyrCdykEfvO4/CoHeH7MZmjJLSFcb+nGfT3qrCYrPDnO2T/vsf4UwiExs5EnBAxuH+HtUPnRcfum/77/8ArU77TBsKeS21iCfn9M+3vTsSEskUso+RhwB970GPSqxaPP3W/wC+v/rVPI8MUzARFtpI5brVZnh7RMP+B/8A1qLCGs8WfuN/31/9aimqquSQCB9aKYH/2Q=='/>
<ul>
<li><b>NS Transaction ID:</b> ${NS_TRANSACTION_ID}</li>
<li><b>NS Session ID:</b> ${NS_APPFW_SESSION_ID}</li>
<li><b>Violation Category:</b> ${NS_APPFW_VIOLATION_CATEGORY}</li>
<li><b>URL:</b> ${HTTP.REQ.HOSTNAME}</li>
<li><b>Path:</b> ${HTTP.REQ.URL.PATH}</li>
<li><b>All LOG Violation Details:</b> ${NS_APPFW_VIOLATION_LOG}</li>
</ul><br>
<!-- Contact Information -->
<p>If you need immediate assistance, please contact us at <strong>+55-011-123-4567</strong>.</p>
<p>Alternatively, you can <a href="https://team.example.com/open-ticket">open a support ticket</a> and our team will get back to you as soon as possible.</p>
</div>
</body>
</html>
Vale ressaltar que os exemplos de variáveis inseridas no HTML como abaixo, são valores que nosso Netscaler irá capturar no momento do request a aplicação e aos logs que estão sendo gerados pelo DROP configurado.
- NS_TRANSACTION_ID
- NS_APPFW_SESSION_ID
- HTTP.REQ.URL.PATH
Segue abaixo o exemplo da webpage sendo carregada localmente.
Conclusão
Nesse processo foi criado uma página como teste e pode ser pensada de uma forma mais polite de trazer as informações ou apenas de recomendação para direcionar o usuário ou dev para contatos ou formas de avaliar o request feito na aplicação.
Fiquem à vontade para sugerir novas idéias ou ítens que vocês já executaram e seria interessante divulgar para a comunidade.
Atte,
Rodrigo