Forum Discussion

Cirrus

Jan 15, 2019

ASM : Multipart/form-data parameter value violation

Hello, After spending some time reading and searching, i can't find complete information to understand my blocking. ASM has blocked multipart/form-data content from a POST request. First is SQL injec...

Cirrocumulus

Jan 16, 2019

If you have:

Content-Disposition: form-data; name="_app_generated_name" then yes "_app_generated_name" is a parameter and is being correctly recognised

If POST parameter value contains bits of JavaScript ASM will of course block it as this looks like a code injection attack. There might be some legit reason for it, if this is how your application works (for example if it is a CMS/Content Management System then users with editor privileges can upload content, however regular users/visitors of the website must not be able to do that, otherwise hackers can upload any code they want and hack into the website.

Recent Discussions

Under Attack? F5 Will Help You.
Contacting F5 Support?

DevCentral Quicklinks

* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com

Discover DevCentral Connects

* Podcasts
* Social Channels
* Video Streaming

Forum Discussion

ASM : Multipart/form-data parameter value violation

Recent Discussions

ports are showing open on online scanning tool

Upgrade F5 BIGIP

DNS HM Probe issue

Is XFF a must for ASM WAF DoS

Switch ssl profile based on weak cipher detection via IRULE

Related Content

Brute Force protection for single parameter like OTP

Rate limiting GraphQL API query using iRule and Advanced WAF Violation

Separating False Positives from Legitimate Violations

Wildcard Parameter signature attack

ignore nested Content-Type inside multipart/form-data

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS