TsgcWebSocketFirewall › Properties › PathTraversal
Scans inbound messages for directory traversal patterns and denies, allows or logs them according to Action.
property PathTraversal: TsgcFirewallPathTraversal read FPathTraversal write SetPathTraversal;—
Enable PathTraversal.Enabled to detect directory traversal sequences inside messages. The scanner recognises ../ and ..\, URL-encoded variants (%2e%2e%2f, %2e%2e/, ..%2f), null-byte injection (%00), Unix sensitive paths (/etc/passwd) and Windows system paths (c:\windows). Action controls the response: faDeny rejects the message, faAllow forwards it and faLog only fires OnViolation with type fvPathTraversal. Matches feed ThreatScore through WeightPathTraversal. Defaults: Action=faDeny.
sgcWebSocketFirewall1.PathTraversal.Enabled := True;
sgcWebSocketFirewall1.PathTraversal.Action := faDeny;