Forum Discussion

Icon for Nimbostratus rank

Nimbostratus

Oct 25, 2021

Define allowed character in ASM for JSON parameter

I'm intercepting a POST with JSON parameter and I want to check the content but I'm not able to see where to define allowed character, length and type of each parameter I defined my parameters as J...

ASM Advanced WAF

Daniel_Wolf
Nov 03, 2021
Are you sure those are JSON values and not user-input values?
Do you have an OpenAPI Spec file to verify?

Since you are running on 15.1.2.1, as stated - if you have a OpenAPI Spec file can you create a policy "REST API Security (Open API Spec) " with the Guided Configuration?

KR
Daniel

Icon for MVP rank

MVP

Oct 30, 2021

Hi ,

the example which is blocked looks like valid JSON. Maybe check yourJSON Profile here:

Security ›› Application Security : Content Profiles : JSON Profiles

As a reference, check the Manual Chapter : Adding JSON Support to an Existing Security Policy.

KR

Daniel

Recent Discussions

Under Attack? F5 Will Help You.
Contacting F5 Support?

DevCentral Quicklinks

* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com

Discover DevCentral Connects

* Podcasts
* Social Channels
* Video Streaming