Web Application Firewall (WAF) - Dynamic Token-based Authentication Released for Bot Management in WAF V6.5.2.0
Apr 18 2022
Web Application Firewall (WAF)Content
Target customers: users who use the scenario-specific configuration feature of WAF. Features released: Dynamic token-based authentication is introduced in the scenario-specific configuration feature to solve the issue that JavaScript verification can be easily bypassed. Dynamic token-based authentication is implemented by adding a signature to a web request. When a client sends a request, WebSDK provided by WAF generates a signature for the request. The signature is sent together with the request to WAF. If the signature is verified, the request is forwarded to the origin server. If the signature fails to be verified, a code block is returned for the client to obtain a dynamic token and the client must add a signature again.