Check HTML Syntax Handler

Purpose

The Check HTML Syntax Handler verifies the syntax of the HTML code returned by your web application. If the handler detects an error, it writes an entry to the log files (see Check Check HTML Syntax Handler).

For more information regarding adding and editing Handlers, see Editing Handlers.

Severity

Events triggered by this handler are given the severity: low. (For details on severity levels, see Severity of Events Triggered by Handlers).

Recommendations for use

Use this handler when testing your web application before releasing it to the public.

ATTENTION
The Check HTML Syntax Handler may create a large number of log file entries. We don’t recommend to use this handler on a live web application.

Attributes

Attribute Meaning

tags without endtag

Here you can specify a list of HTML tags that don't necessarily require an end tag. If the handler detects a missing end tag for one these tags, it doesn't report the syntax to be incorrect.

ignore endtags-inside script tags

Enable this option if you want the handler to ignore end tags within script tags

.

(For details on applicable scenarios, e.g. see website http://htmlhelp.com/tools/validator/problems.html#script).

content types

The handler only analyzes responses of the content types specified here. Responses of all other content types are ignored.

The default is text/html, which lets the handler analyze all HTML files (*.htm, *.html, *.shtml).

usertext

Optional:

Here you can specify some text that vWAF adds to the log file entries created by this handler. You can use this, for example, to document why you've added the handler to your configuration, and how the handler is intended to behave.

enable logging

Disable this option if you do not want vWAF to create a log file entry when the handler is executed. This can be useful to keep log files smaller in case the handler creates a large number of entries but you don't need these entries.

When in detection mode, disabling logging de facto makes the handler ineffective. Disabling logging also prevents the actions of the handler from being taken into account for the Top-10 lists in Attack Analysis, and from being listed in Reports .

To decrease the size of the log files, also consider to enable reduced logging, which excludes all non-handler-related information from the log files (see Editing Applications).

For details regarding entries added to the log file by this handler, see the relevant section in Entries in Application-Specific Log Files.