< Home

Enabling URL Encoding and Decoding

Context

To improve web application security, data from untrustworthy sources must be encoded before being sent to clients. URL encoding is most commonly used in web applications. After URL encoding and decoding are enabled, some special characters in redirect URLs are converted to secure formats, preventing clients from mistaking them for syntax signs or instructions and unexpectedly modifying the original syntax. In this way, cross-site scripting attacks and injection attacks are prevented.

Procedure

  1. Run system-view

    The system view is displayed.

  2. Run portal url-encode enable

    URL encoding and decoding are enabled.

    By default, URL encoding and decoding are enabled.

    If the system software is upgraded from a version earlier than V200R009C00SPC500 to V200R009C00SPC500 or a later version, the switch automatically runs the undo portal url-encode enable command to disable URL encoding and decoding.

Check the Configuration

Run the display portal url-encode configuration command to check the configuration of URL encoding and decoding.

Parent Topic: (Optional) Configuring NAC Extended Functions
Copyright © Huawei Technologies Co., Ltd.
Copyright © Huawei Technologies Co., Ltd.
< Previous topic Next topic >