config : waf file-uncompress-rule
 
waf file-uncompress-rule
Use this command to decompress a file that was already compressed by a protected web server.
Since the FortiWeb appliance cannot scan compressed files in order to perform features such as data leak prevention, you can configure the FortiWeb appliance to decompress files based on the file type.
 
By default, the maximum file size that FortiWeb can decompress is 64 KB. FortiWeb does not scan files larger than the maximum.
You can use the config system advanced command’s max-cache-size setting to adjust the maximum files size (see “config system advanced”).
 
All decompressed files are recompressed after being scanned. As such, unlike “waf file-compress-rule”, the effects of this command will not be visible to end-users.
To exclude specific URLs, see “config waf exclude-url”.
To apply a decompression rule, select it in an inline or offline protection profile. See “config waf web-protection-profile inline-protection” or “config waf web-protection-profile offline-protection”.
To use this command, your administrator account’s access control profile must have either w or rw permission to the wafgrp area. For more information, see “Permissions”.
Syntax
config waf file-uncompress-rule
edit <rule_name>
config content-types
edit <entry_index>
set content-type <content-type_name>
next
end
[set exclude-url <exclusion-rule_name>]
next
end
Variable
Description
Default
<rule_name>
Type the name of a new or existing rule. The maximum length is 35 characters.
To display the list of existing rules, type:
edit ?
No default.
<entry_index>
Type the index number of the individual entry in the table. The valid range is from 1 to 9,999,999,999,999,999,999.
No default.
content-type <content-type_name>
Specify one of the following content types:
text/plain
text/html
application/xml(or)text/xml
application/soap+xml
application/x-javascript
text/css
application/javascript
text/javascript
To compress multiple file types, add each file type in a separate table entry with its own <entry_index>. See “Example”.
No default.
exclude-url <exclusion-rule_name>
Type the name of an exclusion to use with the rule, if any. See “config waf exclude-url”. The maximum length is 35 characters.
No default.
Example
The following example creates a decompression rule with two content types and one exclusion rule.
config waf file-uncompress-rule
edit "Online Store Uncompress Rule"
config content-types
edit 1
set content-type application/soap+xml
next
edit 2
set content-type application/xml(or)text/xml
next
end
set exclude-url "Uncompress Exclusion"
next
end
Related topics
config waf file-compress-rule
config waf exclude-url