Cisco FirePOWER ASA 5500 series Configuration Manual page 632

Configuring User Attributes
•
•
The following example shows how to configure file access, file browsing, HTTP Proxy, and MAPI Proxy
for the user named anyuser:
hostname(config)# username anyuser attributes
hostname(config-username)# webvpn
hostname(config-username-webvpn)# functions file-access file-browsing MAPI
hostname(config-username-webvpn)#
Specifying the Content/Objects to Filter from the HTML
To filter Java, ActiveX, images, scripts, and cookies for WebVPN sessions for this user, enter the
html-content-filter command in username webvpn configuration mode. To remove a content filter, enter
the no form of this command. To remove all content filters, including a null value created by issuing the
html-content-filter none command, enter the no form of this command without arguments. The no
option allows inheritance of a value from the group policy. To prevent inheriting an HTML content filter,
enter the html-content-filter none command. HTML filtering is disabled by default.
Using the command a second time overrides the previous setting.
hostname(config-username-webvpn)# html-content-filter {java | images | scripts | cookies |
none}
hostname(config-username-webvpn)# no html-content-filter [java | images | scripts |
cookies | none]
The keywords used in this command are as follows:
•
•
•
•
•
The following example shows how to set filtering of JAVA and ActiveX, cookies, and images for the user
named anyuser:
hostname(config)# username anyuser attributes
hostname(config-username)# webvpn
hostname(config-username-webvpn)# html-content-filter java cookies images
hostname(config-username-webvpn)#
Cisco Security Appliance Command Line Configuration Guide
30-78
none—Sets a null value for all WebVPN functions. Prevents inheriting functions from a default or
specified group policy
url-entry—Enables or disables user entry of URLs. When enabled, the security appliance still
restricts URLs with any configured URL or network ACLs. When URL entry is disabled, the
security appliance restricts WebVPN users to the URLs on the home page.
cookies—Removes cookies from images, providing limited ad filtering and privacy.
images—Removes references to images (removes <IMG> tags).
java—Removes references to Java and ActiveX (removes <EMBED>, <APPLET>, and <OBJECT>
tags.
none—Indicates that there is no filtering. Sets a null value, thereby disallowing filtering. Prevents
inheriting filtering values.
scripts—Removes references to scripting (removes <SCRIPT> tags).
Chapter 30 Configuring Tunnel Groups, Group Policies, and Users
OL-10088-01