Forum Discussion
NimbostratusDefine allowed character in ASM for JSON parameter
I'm intercepting a POST with JSON parameter and I want to check the content but I'm not able to see where to define allowed character, length and type of each parameter
I defined my parameters as JSON value
If I post following request, it's working
<code>
{
"data": {
"type": "enrollment",
"attributes": {
"fire": "t",
"app": "t",
"installation": "t",
"credential": "t",
"phoneNumber": "1"
}
}
}
</code>
This one is also working
<code>
{
"data": {
"type": "enrollment",
"attributes": {
"fire": "f",
"app": "f",
"installation": "f",
"credential": "f",
"phoneNumber": "1"
}
}
}
</code>
But If I post following content, it's blocked with error message that I have "illegal character" (It's the same character as above but I have two character in the value instead of one)
<code>
{
"data": {
"type": "enrollment",
"attributes": {
"fire": "tf",
"app": "tf",
"installation": "tf",
"credential": "tf",
"phoneNumber": "2"
}
}
}
</code>
So where can I define the length and type of each JSNO value ?
Are you sure those are JSON values and not user-input values?
Do you have an OpenAPI Spec file to verify?
Since you are running on 15.1.2.1, as stated - if you have a OpenAPI Spec file can you create a policy "REST API Security (Open API Spec) " with the Guided Configuration?
KR
Daniel
9 Replies
- Daniel_Wolf
MVP
Hi ,
the example which is blocked looks like valid JSON. Maybe check yourJSON Profile here:
Security ›› Application Security : Content Profiles : JSON Profiles
As a reference, check the Manual Chapter : Adding JSON Support to an Existing Security Policy.
KR
Daniel
PhilippeGHi
Thanks for the reply. I already had a look to this page and I also checked "character set" in "application security - Content profiles - Character sets - JSON content" and in "application security - Parameters - Character sets - Parameter Value/Name".
What I don't understand is why it's accepted when the character is in first position in the value but not when he is in second position (or more)
KR
Philippe
- Daniel_Wolf
Sorry, maybe I was on the wrong track.
Does this violation occur with any combination of more than one character in the value?
Or only when the f is in second position?
Or on any character in the second position?
EDIT: Did you change the Default JSON profile?
- PhilippeG
It's depend the character, when I'm sending "ft" or "tf", it's occur on second character.
If I'm sending "a" it's occur on first parameter.
And what is strang is that violation occur only on parameters "fire" and "installation" even if my four parameters (fire, installation, app and credential) have the same value.
CarinePEmployee
Hi Daniel, Philippe is testing in v15.1.2.1
