Content type hearder charset=UTF-8

Question

Hello friends,&nbsp; We have a requirement to have WAF should only allow charset=UTF-8 in the Content-Type header.&nbsp; So curios does this cover by any rule in ASM policy or do we have to create a custom rule through iRule or other ? &nbsp; Basically our objective to accept only ute-8 and reject rest of any. &nbsp; Appreciate any inputs !!

enes_afsin_al · Answer

Hi stephen4f5,
Requests that do not contain charset=UTF-8 in the Content-Type header can be blocked with a custom attack signature.

spalande · Answer

Alternatively, you can also create LTM policy or iRule to reject the traffic which doesn't have that content-type header.&nbsp;

zamroni777 · Answer

i dont think utf8-only rules is included in asm built-in rules because utf8 cannot cover all aphabets in single code, e.g. each chinese alphabet needs 3 utf8 codes.
so you need to set custom LTM/ASM filter for it

Forum Discussion

Content type hearder charset=UTF-8

Recent Discussions

HTML Code injection Not detected by ASM

HTTPS Monitor Health - Receive String 200 OK Not Working

SSL Server Profil

Alert Mail when virtual server down trubleshooting

CLI command to fetch details related to backend server IP

Related Content

exclude HTTP::header value Content-Type] equals "text/xml; charset=utf-8" from SSL redirect

DevCentral Content Highlights

Layer 7 Content Routing in F5 XC

This DevCentral Content has been Archived or Deleted

iRule to modify a content-security-policy header

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS