Skip to content
  • There are no suggestions because the search field is empty.

Error when uploading dockets - blocked access by Cloudflare

 The file contains a hyperlink that our system security is blocking due to it could be malicious link. The Cloudflare raised the XSS: Jquery vulnerability due to below reason:

 

Why your file was blocked

You may have a PDF named which has rendered content and links

  • There is a clickable URL with Markdown-style formatting:
  • It's shown in duplicate format — both a visible link and embedded hyperlink.

While this looks benign, some PDF generators or copy-pasted content from tools like Word or CMS platforms may inadvertently embed links like:

htmlCopyEdit<a href="javascript:void(0)">Transcript</a>

or contain malformed URI tags that trigger WAF rules.

Even if no javascript: link is visible, the PDF internally may contain:

  • Encoded strings like javascript:void(0)
  • Obfuscated script tags or action triggers
  • Embedded JS functionality (e.g., Acrobat scripting)

✅ How to fix / safely upload

Here are your options:

🛠️ 1. Scan & clean the PDF

  • Use tools like PDF X-RAY Lite or pdfid.py to scan for embedded JavaScript
  • Or open in Adobe Acrobat and go to:
    • File → Properties → JavaScript — and remove all scripts

✂️ 2. Re-export or reprint as PDF

  • Open the file in a viewer (like Chrome, Word, Acrobat)
  • Print to PDF or export as a flattened version
  • This strips scripts and hidden metadata that might trigger WAF

☁️ 3. Bypass for internal uploads (optional)

  • If this upload is safe and used only internally, you can:
    • Disable Cloudflare WAF for the specific upload endpoint
    • Or add a WAF rule to allow this file signature (not recommended unless well controlled)
markdownCopyEdithttps://www.westernsydney.edu.au/graduation_ceremonies/graduating/documents/academic_transcript