RSA DLP Enterprise Manager does not accept URLs ending with * or starting with * in transmission attributes
2 years ago
Originally Published: 2015-11-28
Article Number
000043342
Applies To
RSA Product Set: DLP
RSA Product/Service Type: Enterprise Manager
RSA Version/Condition: 9.6 and above
Platform: Windows
Issue
When creating a policy and adding transmission attributes in the policy specifying URLs in any of the formats below, Enterprise Manager displays an error stating that they are invalid.
Resolution
All validation of entries on the Enterprise Manager (EM) web page is done by the validation.js script under RSA/enterprise manager/webapps/root/script.
To allow for the asterisk to be used at the beginning or end of a URL, perform the steps below.
  1. Log in to Enterprise Manager and open the following file for editing, keeping a backup copy of the original so the default validation can be restored: RSA/enterprise manager/webapps/root/script/validation.js
  2. Edit the above file and search for the following function: validateHttpOrFtpUrl

    The above function specifies the regex to validate the URLs. By default, it has the following setting:
     
    /**
     * Default URL-format check from validation.js.
     *
     * A falsy argument is treated as the empty string; anything else is
     * trimmed before matching. The anchored pattern requires one of the
     * prefixes http://, https://, ftp://, ftps://, "~/" or "/", then an
     * optional "user:pass@", then a host that is either dotted labels ending
     * in a listed TLD / two lower-case letters / a number up to 255, an IPv6
     * literal with optional brackets, or a single label. An optional port of
     * 1-5 digits, path, query string and fragment may follow.
     *
     * NOTE(review): "*" and "?" are already members of the host-label and
     * path character classes here, so some wildcard forms pass this default
     * pattern.
     * NOTE(review): the path group nests one repetition inside another, so a
     * long non-matching value with many "/" segments may backtrack heavily.
     * NOTE(review): the article places this script under the web
     * application's script directory, so it presumably runs in the browser;
     * confirm whether the same check is enforced server-side.
     *
     * @param {string} url - Value entered for the URL attribute.
     * @returns {boolean} true when the trimmed value matches the pattern.
     */
    function validateHttpOrFtpUrl(url) {
        // Same normalisation as before: falsy -> '', otherwise trim().
        var candidate = url ? url.trim() : '';
        var urlPattern = /^(?:(?:ht|f)tp(?:s?)\:\/\/|~\/|\/)(?:\w+:\w+@)?(?:(?:(?:[-\w*?]+\.)+(?:com|edu|gov|int|mil|net|org|biz|arpa|info|name|pro|aero|coop|corp|jobs|museum|local|travel|[a-z]{2}|(?:\d|[01]?\d\d|2[0-4]\d|25[0-5])))|(?:(?:\[?(?:(?:(?:[0-9A-Fa-f]{1,4}:){7}(?:[0-9A-Fa-f]{1,4}|:))|(?:(?:[0-9A-Fa-f]{1,4}:){6}(?::[0-9A-Fa-f]{1,4}|(?:(?:25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)(?:\.(?:25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)){3})|:))|(?:(?:[0-9A-Fa-f]{1,4}:){5}(?:(?:(?::[0-9A-Fa-f]{1,4}){1,2})|(?:(?::[0-9A-Fa-f]{1,4}){0,1}:(?:(?:25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)(?:\.(?:25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)){3}))|:))|(?:(?:[0-9A-Fa-f]{1,4}:){4}(?:(?:(?::[0-9A-Fa-f]{1,4}){1,3})|(?:(?::[0-9A-Fa-f]{1,4}){0,1}:(?:(?:25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)(?:\.(?:25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)){3}))|:))|(?:(?:[0-9A-Fa-f]{1,4}:){3}(?:(?:(?::[0-9A-Fa-f]{1,4}){1,4})|(?:(?::[0-9A-Fa-f]{1,4}){0,2}:(?:(?:25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)(?:\.(?:25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)){3}))|:))|(?:(?:[0-9A-Fa-f]{1,4}:){2}(?:(?:(?::[0-9A-Fa-f]{1,4}){1,5})|(?:(?::[0-9A-Fa-f]{1,4}){0,3}:(?:(?:25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)(?:\.(?:25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)){3}))|:))|(?:(?:[0-9A-Fa-f]{1,4}:){1}(?:(?:(?::[0-9A-Fa-f]{1,4}){1,6})|(?:(?::[0-9A-Fa-f]{1,4}){0,4}:(?:(?:25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)(?:\.(?:25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)){3}))|:))|(?:(?:::[0-9A-Fa-f]{1,4})(?::[0-9A-Fa-f]{1,4}){0,6})|(?:(?:::[0-9A-Fa-f]{1,4})(?:(?::[0-9A-Fa-f]{1,4}){0,4}:(?:(?:25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)(?:\.(?:25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)){3})))|(?:::(?:(?:25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)(?:\.(?:25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)){3})))\]?))|(?:[-\w*?])+)(?::[\d]{1,5})?(?:(?:(?:\/(?:[-\w~!$+|.,=|*?]|%[a-f\d]{2})+)+|\/)+|\?|#)?(?:(?:\?(?:[-\w~!$+|.,*:]|%[a-f\d{2}])+=(?:[-\w~!$+|.,*:=]|%[a-f\d]{2})*)(?:&(?:[-\w~!$+|.,*:]|%[a-f\d{2}])+=(?:[-\w~!$+|.,*:=]|%[a-f\d]{2})*)*)*(?:#(?:[-\w~!$+|.,*:=]|%[a-f\d]{2})*)?$/;
        var isValid = urlPattern.test(candidate);
        return isValid;
    }
  3. Change the above settings as shown below.
     
    /**
     * Replacement URL-format check that this article installs in
     * validation.js.
     *
     * A falsy argument is treated as the empty string; anything else is
     * trimmed before matching. The anchored pattern requires http://,
     * https:// or ftp://, then optional "user[:password]@" groups (the user
     * part may contain "*"), then a host that is a dotted IPv4 address,
     * "localhost", or a name ending in a listed TLD or any two letters (the
     * name part may contain "*"). Optional ":digits" and "/segment" groups
     * may follow; "*", "?", "#", "&" and "=" are accepted inside a segment.
     *
     * Compared with the default pattern shown in this article, this one has
     * no ftps://, "~/" or "/" prefix, no IPv6 alternative, no "corp" TLD and
     * no length limit on the port digits.
     *
     * NOTE(review): this function only decides which strings the form
     * accepts; how the policy engine interprets "*" in a transmission
     * attribute is not shown here, so confirm that each wildcard entry
     * matches only the intended destinations.
     * NOTE(review): the article places this script under the web
     * application's script directory, so it presumably runs in the browser;
     * confirm whether the same check is enforced server-side.
     *
     * @param {string} url - Value entered for the URL attribute.
     * @returns {boolean} true when the trimmed value matches the pattern.
     */
    function validateHttpOrFtpUrl(url) {
        // Same normalisation as before: falsy -> '', otherwise trim().
        var candidate = url ? url.trim() : '';
        var urlPattern = /^(http|https|ftp)\:\/\/([a-zA-Z0-9\.\-\*]+(\:[a-zA-Z0-9\.&%\$\-]+)*@)*((25[0-5]|2[0-4][0-9]|[0-1]{1}[0-9]{2}|[1-9]{1}[0-9]{1}|[1-9])\.(25[0-5]|2[0-4][0-9]|[0-1]{1}[0-9]{2}|[1-9]{1}[0-9]{1}|[1-9]|0)\.(25[0-5]|2[0-4][0-9]|[0-1]{1}[0-9]{2}|[1-9]{1}[0-9]{1}|[1-9]|0)\.(25[0-5]|2[0-4][0-9]|[0-1]{1}[0-9]{2}|[1-9]{1}[0-9]{1}|[0-9])|localhost|([a-zA-Z0-9\-]+\.)*[a-zA-Z0-9\-\*\.]+\.(com|edu|gov|int|mil|net|org|biz|arpa|info|name|pro|aero|coop|jobs|museum|local|travel|[a-zA-Z]{2}))(\:[0-9]+)*(\/($|[a-zA-Z0-9\.\,\?\*\'\\\+&%\$#\=~_\-]+))*$/;
        var isValid = urlPattern.test(candidate);
        return isValid;
    }
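  4. After changing the regex in the function above, save the file and restart the EM services. If a later upgrade or patch replaces validation.js, check whether the default regex has been restored.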