Forum Discussion
Can't upload msg file - ASM block
- Oct 06, 2021
This looks correct, though I don't have any lab where I could test this at the moment.
Your configuration would apply anytime the Content-Type header value is multipart/form-data.
The Request Header Value allows wildcards. You could try to narrow down to Do Nothing only for .msg files by testing this combination:
Request Header Name : Content-Disposition
Request Header Value : form-data; name="*.msg"; filename="*.msg"
Request Body Handling : Do Nothing
EDIT: A word of caution. You should consider to what risk you are exposing your application when not checking these uploads.
Hi ,
I guess this discribes your blocking message and a possibe solution:
K32081491: ASM blocked a request due to Attack Signatures triggered with Violation Context AMF body
KR
Daniel
Dear Daniel,
Many thanks for sharing.
For Request Header Name, enter an explicit header name that must appear in requests for this URL.
so in my case i have to do like this :
Request Header Name : Content-Type
Request Header Value : multipart/form-data;
Request Body Handling : Do Nothing
Recent Discussions
Related Content
* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com