000032013 - RSA DLP Enterprise Manager does not accept URLs ending with * or starting with * in transmission attributes

Document created by RSA Customer Support Employee on Jun 14, 2016Last modified by RSA Customer Support Employee on Apr 21, 2017
Version 2Show Document
  • View in full screen mode

Article Content

Article Number000032013
Applies ToRSA Product Set: DLP
RSA Product/Service Type: Enterprise Manager
RSA Version/Condition: 9.6 and above
Platform: Windows
IssueWhen creating a policy and adding transmission attributes in the policy specifying URLs in any of the formats below, Enterprise Manager displays an error stating that they are invalid.
ResolutionAll validations for an entry in the Enterprise Manager (EM) webpage is done in the validation.js script under RSA/enterprise manager/webapps/root/script.
To allow for the asterisk to be used at the beginning or end of a URL, perform the steps below.
  1. Login to Enterprise manager and edit the following file: RSA/enterprise manager/webapps/root/script/validation.js 
  2. Edit the above file and search for the following function: validateHttpOrFtpUrl

    The above function specifies the regex to validate the URLs. By default, it has the following setting:
     
    function validateHttpOrFtpUrl(url) {
        if (!url){url = '';} else {url = url.trim();}    
        var httpOrFtpUrlRegex = /^(?:(?:ht|f)tp(?:s?)\:\/\/|~\/|\/)(?:\w+:\w+@)?(?:(?:(?:[-\w*?]+\.)+(?:com|edu|gov|int|mil|net|org|biz|arpa|info|name|pro|aero|coop|corp|jobs|museum|local|travel|[a-z]{2}|(?:\d|[01]?\d\d|2[0-4]\d|25[0-5])))|(?:(?:\[?(?:(?:(?:[0-9A-Fa-f]{1,4}:){7}(?:[0-9A-Fa-f]{1,4}|:))|(?:(?:[0-9A-Fa-f]{1,4}:){6}(?::[0-9A-Fa-f]{1,4}|(?:(?:25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)(?:\.(?:25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)){3})|:))|(?:(?:[0-9A-Fa-f]{1,4}:){5}(?:(?:(?::[0-9A-Fa-f]{1,4}){1,2})|(?:(?::[0-9A-Fa-f]{1,4}){0,1}:(?:(?:25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)(?:\.(?:25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)){3}))|:))|(?:(?:[0-9A-Fa-f]{1,4}:){4}(?:(?:(?::[0-9A-Fa-f]{1,4}){1,3})|(?:(?::[0-9A-Fa-f]{1,4}){0,1}:(?:(?:25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)(?:\.(?:25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)){3}))|:))|(?:(?:[0-9A-Fa-f]{1,4}:){3}(?:(?:(?::[0-9A-Fa-f]{1,4}){1,4})|(?:(?::[0-9A-Fa-f]{1,4}){0,2}:(?:(?:25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)(?:\.(?:25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)){3}))|:))|(?:(?:[0-9A-Fa-f]{1,4}:){2}(?:(?:(?::[0-9A-Fa-f]{1,4}){1,5})|(?:(?::[0-9A-Fa-f]{1,4}){0,3}:(?:(?:25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)(?:\.(?:25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)){3}))|:))|(?:(?:[0-9A-Fa-f]{1,4}:){1}(?:(?:(?::[0-9A-Fa-f]{1,4}){1,6})|(?:(?::[0-9A-Fa-f]{1,4}){0,4}:(?:(?:25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)(?:\.(?:25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)){3}))|:))|(?:(?:::[0-9A-Fa-f]{1,4})(?::[0-9A-Fa-f]{1,4}){0,6})|(?:(?:::[0-9A-Fa-f]{1,4})(?:(?::[0-9A-Fa-f]{1,4}){0,4}:(?:(?:25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)(?:\.(?:25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)){3})))|(?:::(?:(?:25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)(?:\.(?:25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)){3})))\]?))|(?:[-\w*?])+)(?::[\d]{1,5})?(?:(?:(?:\/(?:[-\w~!$+|.,=|*?]|%[a-f\d]{2})+)+|\/)+|\?|#)?(?:(?:\?(?:[-\w~!$+|.,*:]|%[a-f\d{2}])+=(?:[-\w~!$+|.,*:=]|%[a-f\d]{2})*)(?:&(?:[-\w~!$+|.,*:]|%[a-f\d{2}])+=(?:[-\w~!$+|.,*:=]|%[a-f\d]{2})*)*)*(?:#(?:[-\w~!$+|.,*:=]|%[a-f\d]{2})*)?$/;
        return httpOrFtpUrlRegex.test(url);
    }

  3. Change the above settings as shown below.
     
    function validateHttpOrFtpUrl(url) {
        if (!url){url = '';} else {url = url.trim();}
        
        var httpOrFtpUrlRegex = /^(http|https|ftp)\:\/\/([a-zA-Z0-9\.\-\*]+(\:[a-zA-Z0-9\.&%\$\-]+)*@)*((25[0-5]|2[0-4][0-9]|[0-1]{1}[0-9]{2}|[1-9]{1}[0-9]{1}|[1-9])\.(25[0-5]|2[0-4][0-9]|[0-1]{1}[0-9]{2}|[1-9]{1}[0-9]{1}|[1-9]|0)\.(25[0-5]|2[0-4][0-9]|[0-1]{1}[0-9]{2}|[1-9]{1}[0-9]{1}|[1-9]|0)\.(25[0-5]|2[0-4][0-9]|[0-1]{1}[0-9]{2}|[1-9]{1}[0-9]{1}|[0-9])|localhost|([a-zA-Z0-9\-]+\.)*[a-zA-Z0-9\-\*\.]+\.(com|edu|gov|int|mil|net|org|biz|arpa|info|name|pro|aero|coop|jobs|museum|local|travel|[a-zA-Z]{2}))(\:[0-9]+)*(\/($|[a-zA-Z0-9\.\,\?\*\'\\\+&%\$#\=~_\-]+))*$/;
        return httpOrFtpUrlRegex.test(url);
    }

  4. After the above function regex is changed, save the file and restart the EM services.

Attachments

    Outcomes