Forum Discussion

Altostratus

Oct 17, 2018

ASM allowed URLs with header based content

hello community, I would like to get clear my ideas about the allowed urls in the ASM ... I do have an ASM policy which is still in staging but I have found some violations in JSON posts that are fa...

ASM Advanced WAF

security

Alex_f5

Altostratus

Oct 21, 2018

Hello Scott, the violation found are:

Evasion technique detected
Failed to convert character
HTTP protocol compliance failed

But is my my understanding that if we just allow the URL and we add a header based content profile that matches a specific value in the http header then the ASM will not generate a log even if other violations are found, am I wrong?, thank you !

DevCentral Quicklinks

* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com

Discover DevCentral Connects

* Podcasts
* Social Channels
* Video Streaming

GitHub Awesome-F5

Forum Discussion

ASM allowed URLs with header based content

Jonathan - March 2026 Featured Member

F5 AppWorld 2026 Las Vegas - iRules Contest Winners!

2026 F5 DevCentral MVP Announcement

Recent Discussions

Adding my Product and support to bigF5 account

Illigal Parameter addition as custom signature set wanted to Unblock

CPU load when Prometheus is scraping metrics from F5 BIG-IP LTM

TCPDUMP in BigIP for traffic coming from distrbuited cloud.

iRules for recreation: HTTP Protocol Parser implemented using BIG-IP iRule(unfinished)

Related Content

iRule to modify a content-security-policy header

Layer 7 Content Routing in F5 XC

Invalid Content-Length header caused Big-IP to terminate connection?

DevCentral Content Highlights

Strict header Insertion

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS