Symptoms
CS Challenge from Web Scraping is impacting the customer's website causing the browser to display a blank page.
Impact
CS Challenge from Web Scraping is impacting the customer's website causing the browser to display a blank page.
Conditions
Configure ASM policy with client side challenge for brute force and the different web scraping features.
Workaround
This issue has no workaround at this time.
Fix Information
We added the following internal parameters that you can add to headers and URLs in order to avoid requests receiving a client side challenge:
cs_excluded_headers - Contains one or more headers, separated by a comma [,]. When one of these headers is presented in the transaction, the client side challenge is not injected in the transaction. (The URL qualification will still work in this case, as it is expected that the same URL may appear with or without these headers). The default value is an empty string.
cs_excluded_urls - Contains one or more explicit URLs, separated by a comma [,]. These URLs will never be qualified for a client-side challenge. The default value is an empty string.
