Before you can associate a Google Web Toolkit (GWT) profile with a URL, you need to
create a security policy with policy elements, including application URLs and the GWT
profile.
When you associate a GWT profile with a URL in a security policy, the Security
Enforcer can apply specific GWT checks to the associated requests.
-
On the Main tab, click .
-
In the Current edited policy list near the top of the screen,
verify that the edited security policy is the one you want to work on.
-
In the Allowed URLs List area, click the name of a URL that might contain GWT
data.
The Allowed URL Properties screen opens.
-
From the Allowed URL Properties list, select
Advanced.
-
For the Header-Based Content Profiles setting, specify
the characteristics of the traffic to which the GWT profile applies.
-
In the Request Header Name field, type the
explicit string or header name that defines when the request is treated
as the Parsed As type; for example,
Content-Type.
This field is not case-sensitive.
-
In the Request Header Value field, type a
wildcard character (including *, ?, or [chars]) for the header value;
for example, *gwt*.
This field is case-sensitive.
-
For the Parsed As setting, select
GWT.
-
For the Profile Name setting, select the GWT
profile that you created from the list.
-
Click Add.
The system adds the header and profile information to the
list.
-
Optional:
If you have multiple headers and profiles defined, you can adjust the order of
processing.
-
Click Update.
-
To put the security policy changes into effect immediately, click Apply
Policy.
When the system receives traffic that contains the specified URLs, the Security
Enforcer applies the checks you established in the GWT profile, and takes action
according to the corresponding blocking policy.