Forum Discussion
ghost-rider_124
Nimbostratus
NimbostratusASM Learning Fine Tuning (illegal meta characters in value)
Hello Experts
My ASM policy is in transparent mode and configured as manually that is through wildcards for URL, Parameters and file types.
I am getting violations "illegal meta characters...
Hi,
- You must decide wich meta characters is allowed for the parameters.
- If you accept suggestion for wildcard parameters illegal meta characters would be accepted for all parameters but not for particular learned parameters.
- Allowed: Specifies that the character or meta character can occur in parameter values. Disallowed: Specifies that the character or meta character can not occur in parameter values.
- This settings came from /Security/Application Security/Parameters/Characters Sets
Vitaliy_Savrans
Nacreous
Nacreousyou can accept learning suggestion, if you don't see parameter name. I had the same issue and didn't find the way how to get parameter name wich had violation from logs.
ghost-rider_124Thanks Vitaliy. So it means if I accept this then it will be accepted under wildcard parameter? In case if it is showing the parameter name then what I need to do? Appreciated your reply- Vitaliy_SavransYes, it will be accepted under wildcard parameter. If it's showing the parameter name you can accept learning suggestion and it will work only for that parameter.
- ghost-rider_124Hi Vitaliy Thanks for your assistance. The last question is in the attached snapshot, what is the action? 1- Allow on entities 2- Allow in parameter value/JSON content/XML content character sets