Data Loss Prevention - Detect and sanitize HAR files
Source: Cloudflare (cloudflare.com) · 3mo ago

HTTP Archive (HAR) files are used by engineering and support teams to capture and share web traffic logs for troubleshooting. However, these files routinely contain highly sensitive data — including session cookies, authorization headers, and other credentials — that can pose a significant risk if uploaded to third-party services without being reviewed or cleaned first.

Gateway now includes a predefined DLP profile called Unsanitized HAR that detects HAR files in HTTP traffic. You can use this profile in a Gateway HTTP policy to either block HAR file uploads entirely or redirect users to a sanitization tool before allowing the upload to proceed.

How to configure a HAR file policy

In the Cloudflare dashboard, go to Zero Trust > Traffic policies > Firewall Policies > HTTP and create a new HTTP policy using the DLP Profile selector:

| Selector    | Operator | Value           | Action |
| DLP Profile | in       | Unsanitized HAR |        |

Then choose one of the following actions:

- Block: Prevents the upload of any HAR file that has not been sanitized by Cloudflare's sanitizer. Use this for strict environments where HAR file sharing must be disallowed entirely.
- Block with Gateway Redirect: Intercepts the upload and redirects the user to , where they can sanitize the file. Once sanitized, the user can re-upload the clean file and proceed with their workflow.

Sanitized HAR recognition

HAR files processed by the Cloudflare HAR sanitizer receive a tamper-evident sanitized marker. DLP recognizes this marker and will not re-trigger the policy on a file that has already been sanitized and has not been modified since. If a previously sanitized file is edited, it will be treated as unsanitized and flagged again.

Visibility in Gateway logs

Gateway logs will reflect whether a detected HAR file was classified as Unsanitized or Sanitized, giving your security team full visibility into HAR file activity across your organization.

For more information, refer to predefined DLP profiles.
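
A local pre-upload check for the credentials named above, as an added example (not Cloudflare's sanitizer or its detection logic): it walks the standard HAR structure, reports authorization headers and cookies still present, and can redact them in place. The header list, the `[redacted]` placeholder and the sample HAR are assumptions of this example; request bodies and URLs are not inspected.

```python
import json

# Header names treated as sensitive are this example's assumption.
SENSITIVE_HEADERS = {"authorization", "proxy-authorization", "cookie",
                     "set-cookie", "x-api-key"}
REDACTED = "[redacted]"

def scan_har(har, redact=False):
    """Return (location, kind, name) for each credential still present in a
    parsed HAR dict; with redact=True also overwrite the values in place."""
    findings = []
    for i, entry in enumerate(har.get("log", {}).get("entries", [])):
        for side in ("request", "response"):
            msg = entry.get(side) or {}
            where = f"entries[{i}].{side}"
            pairs = [("header", h) for h in msg.get("headers") or []
                     if h.get("name", "").lower() in SENSITIVE_HEADERS]
            # Every parsed cookie is treated as sensitive, whatever its name.
            pairs += [("cookie", c) for c in msg.get("cookies") or []]
            for kind, item in pairs:
                if item.get("value") in (None, "", REDACTED):
                    continue  # empty or already redacted
                findings.append((where, kind, item.get("name", "")))
                if redact:
                    item["value"] = REDACTED
    return findings

# Constructed sample HAR; all values are made up for this example.
SAMPLE_HAR = json.loads("""
{"log": {"version": "1.2", "entries": [{
  "request": {"method": "GET", "url": "https://app.example.test/api/me",
    "headers": [{"name": "Authorization", "value": "Bearer constructed-token"},
                {"name": "Accept", "value": "application/json"},
                {"name": "Cookie", "value": "sid=constructed-session"}],
    "cookies": [{"name": "sid", "value": "constructed-session"}]},
  "response": {"status": 200,
    "headers": [{"name": "Set-Cookie", "value": "sid=constructed-new; HttpOnly"},
                {"name": "Content-Type", "value": "application/json"}],
    "cookies": [{"name": "sid", "value": "constructed-new"}]}}]}}
""")

if __name__ == "__main__":
    for finding in scan_har(SAMPLE_HAR, redact=True):
        print("redacted:", finding)
    print("remaining findings:", scan_har(SAMPLE_HAR))
```

A file cleaned this way does not carry Cloudflare's sanitized marker, so the Unsanitized HAR profile would still be expected to flag it on upload.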