Before you can complete this task, you need to have already created a security
policy for your web application. The application needs to have been developed using
ASP.NET, jQuery, Prototype®, or MooTools to use AJAX blocking behavior.
This task describes how to configure blocking response and login response pages for
web applications that use AJAX.
On the Main tab, click
In the Current edited policy list near the top of the screen, verify
that the edited security policy is the one you want to work on.
Click AJAX Response Page.
The system displays the default blocking response and login response
actions for AJAX.
For the Default Response Page action, select the type of
response you want the application user to receive when they are blocked from the
Custom Response lets you specify HTML text or
upload a file to use as a replacement for the frame or browser page that
generated the AJAX request. Include the text, then click
Show to preview the response.
Popup message displays text in a popup window (default text is included).
Redirect URL redirects the user to the URL you
specify. You can also include the support ID. For example:
For the Login Page Response action, select the type of
response (types are the same as for default response page in Step 5).
To activate the updated security policy, on the top right of the screen, click
Apply Policy, then click OK to confirm.
When the enforcement mode of the security policy is set to blocking and a request
triggers a violation (that is set to block), the system displays the AJAX blocking
response according to the action set. If a login violation occurs when requesting the
login URL, the system sends a login response page, or redirects the user.