User's Guide

Retaining String Patterns

Using String Content Patterns, you can retain strings that would otherwise be filtered out by the string filters you are using. A simple example is 'eBay'. Normally, a string containing only the word 'eBay' would be filtered out because it is a camel-case word, a form not normally found in the English language. By adding eBay to the String Content Patterns category of your Rule Set, you make sure this string still appears in the Scan Results after a scan.

As a side note, you normally do not translate company or product names, but there are cases where it still makes sense to catch these.

The Edit String Content Patterns list for a Java Rule Set is shown below.

The Inherited column lists the name of the Rule Set that defined the string content pattern. A value of 'No' indicates that the pattern is local to the Rule Set. Local patterns can be modified and/or deleted. Inherited patterns can be overridden.

To disable a local string content pattern, uncheck the box.

To create a new pattern, select the New String Content Pattern link at the top of the page. This displays the Create String Content Pattern form, shown below.

The page contains six fields used to describe a rule: Name, Pattern, Priority, Description, Help Page, and Enabled.

Use the Name field to give your pattern a brief, meaningful name.

The Pattern field must contain a valid Regular Expression. For more information on Regular Expression syntax, click here.

The Priority field is used to rank the detected issue. Priorities range between 0 and 5. Assign priority 0 to indicate a string concatenation. Otherwise, assign priority 1 to 5, with 1 being the most likely to be an issue. Note that the string concatenation priority 0 will display as a 'C' in the Globalyzer Workbench.

Use the Description field to (1) enter a more in-depth explanation of the pattern, (2) explain the reason for its inclusion in the scan, and/or (3) describe a process to correct the problem.

Use the Category field to set a category that can be enabled or disabled in bulk for a Rule Set.

The Help Page field is where you can provide a URL link for the pattern. This link may either help explain why this pattern is important, or it may explain how to correct the issue found.

The Enabled field determines whether the pattern is processed by Globalyzer (checked) or ignored by Globalyzer for now (unchecked).

Once you've provided the string content pattern information, click the Create button. The Edit String Content Patterns list redisplays, showing your changes.

If a string content pattern is local to the Rule Set, it can be modified and/or deleted. Click on its name hyperlink from the Edit String Content Patterns list. This displays the Edit String Content Pattern page, shown below. All fields are modifiable. Press Update to save any changes. Press Delete to delete the string content pattern. After updating or deleting, the Edit String Content Patterns list redisplays, showing your changes.

If a string content pattern is inherited, it can be overridden. For example, you may want to disable the inherited pattern in your Rule Set. Click on its name hyperlink from the Edit String Content Patterns list. This displays the Override String Content Pattern page, shown below. All fields are modifiable, but if you change the Pattern field, you will create an entirely new string content pattern rather than overriding the inherited one. Press Create to create the override string content pattern. After creating, the Edit String Content Patterns list redisplays, showing your local string content pattern.

To return to the Customize Rule Set page, select the Back to Summary link.
