For more information regarding the security incident at F5, the actions we are taking to address it, and our ongoing efforts to protect our customers, click here.

Forum Discussion

Aurel's avatar
Aurel
Icon for Cirrus rankCirrus
Jan 15, 2019

ASM : Multipart/form-data parameter value violation

Hello, After spending some time reading and searching, i can't find complete information to understand my blocking. ASM has blocked multipart/form-data content from a POST request. First is SQL injec...
application delivery
ASM Advanced WAF
security
samstep's avatar
samstep
Icon for Cirrocumulus rankCirrocumulus
Jan 16, 2019

  1. If you have:

    Content-Disposition: form-data; name="_app_generated_name" then yes "_app_generated_name" is a parameter and is being correctly recognised

     

  2. If POST parameter value contains bits of JavaScript ASM will of course block it as this looks like a code injection attack. There might be some legit reason for it, if this is how your application works (for example if it is a CMS/Content Management System then users with editor privileges can upload content, however regular users/visitors of the website must not be able to do that, otherwise hackers can upload any code they want and hack into the website.