Forum Discussion

Nimbostratus

Aug 13, 2015

ASM Reading PDF Content as Attack from Multipart/Form-data Web Form Upload

I have one site that I'm trying ASM on, and uploading a PDF from a FILE input in a multipart/form-data web form is triggering a SQL Injection blockage from the ASM. The ASM seems to be choking o...

ASM Advanced WAF

security

gsharri

Altostratus

Aug 17, 2015

You can modify the properties of the parameter that is used for file uploads:

Parameter value type: User input value

Data type: file upload

With those settings ASM will no longer apply attack signatures to the data contained in that parameter. There is no single setting for ASM or the security policy that will stop the examination of file uploads.

Help guide the future of your DevCentral Community!

What tools do you use to collaborate? (1min - anonymous)

DevCentral Quicklinks

* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com

Discover DevCentral Connects

* Podcasts
* Social Channels
* Video Streaming

GitHub Awesome-F5

Forum Discussion

ASM Reading PDF Content as Attack from Multipart/Form-data Web Form Upload

F5 Academy at AppWorld 2026

Introducing the F5 AI Assistant for BIG-IP

Recent Discussions

How can I get started with iCall

Connection Rest f5

Kubernetes cert-manager + LetsEncrypt + F5

The GSLB pool is providing an incorrect IP to end users

Unable to ping from some self ip on Velos

Related Content

F5 402 Exam reading list and notes

Change Content-Type from application/octet-stream to multipart/form-data

ignore nested Content-Type inside multipart/form-data

How To Read An F5 Security Advisory

Layer 7 Content Routing in F5 XC

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS