ASM: Failed to convert character

Question

Hello everyone,&nbsp;
I have an application protected by ASM using charset UTF-8. What happens is that sometimes I get some false-positives because the user browser is not using the charset informed in the meta tag. For instance, in some tests using Chrome and having as input some strings like “weißbier” or “über” I have no problems, but when I use Internet Explorer 11, ASM blocks the request with this error.&nbsp;
There is an article from Microsoft about this saying that IE does not always take the specified charset in the page but it might be overridden by OS settings:&nbsp;
https://support.microsoft.com/en-us/help/928847/internet-explorer-uses-the-wrong-character-set-when-it-renders-an-html&nbsp;
So my question is, how do you deal with this? I wouldn't like to disable this check in the Security Policy, any possible alternatives?&nbsp;

renato · Answer

If you know which one is the problematic client and the policy element affected, you are able to allow traffic when it happens using iRule.
Something like this:
when ASM_REQUEST_VIOLATION
{
    set asmdata [ASM::violation_data]
    if {([lindex $asmdata 0] contains "VIOLATION_CHAR_CONV")}
    {
        if { [string tolower [HTTP::header User-Agent]] contains "msie" }
        {
            ASM::unblock
        }
    }
}

Forum Discussion

ASM: Failed to convert character

Recent Discussions

Background Tasks

Which process is consuming higher CPU

SSL bridging without SSL proxy forward

Big-IP VE edition for MacBook M4 Chip

Client SSL Profile set to Require Client Certificate breaks RDP in APM

Related Content

Failed to convert character

Converting TCL-Based iRules to Distributed Cloud Service Policies and L7 Routes

Alteon Config Converter

BIG-IP Wide-IP to F5XC DNSLB converter

Converting a BIG-IP Maintenance Page iRule to Distributed Cloud using App Stack

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS