Before you can associate a Google Web Toolkit (GWT) profile with a URL, you need to
create a security policy with policy elements, including application URLs and the GWT
When you associate a GWT profile with a URL in a security policy, the Security
Enforcer can apply specific GWT checks to the associated requests.
On the Main tab, click
In the Current edited policy list near the top of the screen, verify
that the edited security policy is the one you want to work on.
In the Allowed URLs List area, click the name of a URL that might contain GWT
The Allowed URL Properties screen opens.
From the Allowed URL Properties list, select
For the Header-Based Content Profiles setting, specify
the characteristics of the traffic to which the GWT profile applies.
In the Request Header Name field, type the
explicit string or header name that defines when the request is treated
as the Parsed As type; for example,
This field is not case-sensitive.
In the Request Header Value field, type a
wildcard character (including *, ?, or [chars]) for the header value;
for example, *gwt*.
This field is case-sensitive.
For the Parsed As setting, select
For the Profile Name setting, select the GWT
profile that you created from the list.
The system adds the header and profile information to the
If you have multiple headers and profiles defined, you can adjust the order of
To put the security policy changes into effect immediately, click Apply
When the system receives traffic that contains the specified URLs, the Security
Enforcer applies the checks you established in the GWT profile, and takes action
according to the corresponding blocking policy.