问题
I want to block user-agents with UrlScan on IIS 6. However I am not able to specify a user-agent with a semicolon in the string. I think this is a very common scenario, but I can't find any answer on how to escape a semicolon in UrlScan.ini (where semicolon are used for commenting). This is the rule:
RuleList=DenyUserAgent
[DenyUserAgent]
DenyDataSection=AgentStrings
ScanHeaders=User-Agent
[AgentStrings]
Mozilla/5.0 (Windows NT 5.1; rv:6.0) Gecko/20100101 Firefox/10.0.2
I tested it and it blocks all the user-agents that start with "Mozilla/5.0 (Windows NT 5.1" because it considers the rest of the string as a comment.
回答1:
It seems like you would need to URL escape it, i.e. %3B
See http://learn.iis.net/page.aspx/476/common-urlscan-scenarios/ for examples; one such example they have is blocking semicolon in the querystring to block a SQL injection attack
来源:https://stackoverflow.com/questions/11850833/specifying-string-with-semicolons-in-urlscan-ini