Forum Discussion
fredlubrano
Cirrus
Cirruscustum reponse page for api
here is a custom response specific to aWaf adapted for the API and status code (406), ex for Maximum Length : when ASM_REQUEST_BLOCKING {
set violationDetails [ASM::violation details]
...
fredlubranoCirrus
CirrusUpdate iRule :
when ASM_REQUEST_BLOCKING {
set violationDetails [ASM::violation details]
set supportID [ASM::support_id]
if { [regexp {json_error.error \{Maximum Length Violation\}} $violationDetails] } {
set maxLengthViolation 1
regexp {json_error.tag \{(.+?)\}} $violationDetails _ jsonErrorTag
regexp {json_error.received ([0-9.]+)} $violationDetails _ jsonErrorReceived
regexp {json_error.expected ([0-9.]+)} $violationDetails _ jsonErrorExpected
set jsonErrorReceivedInt [expr {int($jsonErrorReceived)}]
set jsonErrorExpectedInt [expr {int($jsonErrorExpected)}]
set customResponse [format "{\"type\": \"Business error\",\"title\": \"Maximum Length Violation\", \"detail\": \"%s may only be %d characters, %d found - SupportID: %s\", \"status\": 406}" $jsonErrorTag $jsonErrorExpectedInt $jsonErrorReceivedInt $supportID]
ASM::payload replace 0 [ASM::payload length] ""
}
}
when HTTP_RESPONSE_RELEASE {
catch {
if { [info exists maxLengthViolation] } {
HTTP::respond 406 content $customResponse "Content-Type" "application/json"
}
}
}