Greg_33558
May 14, 2015Nimbostratus
ASM Illegal URL garbles Custom Default Response Page
NEVER MIND.
I am an utter, complete, total nincompoop.
I was issuing an HTTP::respond 404 myself in an iRule that I'd forgotten about.
I will attempt to delete this post now.
The ASM block page for Illegal URLs appears to:
- Replace the Response Headers from the Custom (200 -> 404)
- Append the Custom response text to a fixed "Not Found"
- Set the Content-Length to 9 (which is length("Not Found"))
- (The browser will ignore the Custom response text that was appended, due to Content-Length)
Example:
I have an ASM profile where the Default Response Page has been set to Custom and given the following text:
However, if I have
/test/block
configured as an Illegal URL and go to it in a browser, I get the following response (screencap from Burp Suite Proxy Intercept):
Why is the ASM incorrectly combining responses like this? Is there anywhere to configure the 404 (I'm happy to send a 404, but prefer my text) within ASM (I know I can do it with an iRule, but that seems like overkill).
Any help appreciated.