Forum Discussion

Cirrostratus

Jan 23, 2019

Malformed JSON data and Character encoding

Hi team, The following POST request triggers the violation "Malformed JSON data" . POST https://10.10.1.80/ HTTP/1.1 Content-Type: application/json; charset=iso-8859-1 Host: 10.10.1.80 Expect: 10...

ASM Advanced WAF

security

samstep

Cirrocumulus

Jan 23, 2019

ASM is correct in blocking this request as JSON can't be encoded in charset= iso-8859-1

The JSON Standard (RFC7159) clearly states that:

"JSON text shall be encoded in UTF-8, UTF-16, or UTF-32"

Speak to the application developers as they should be sending JSON in UTF-8 and escaping the special characters. If they question this - point them to the JSON standard.

Link to JSON Standard: https://tools.ietf.org/html/rfc7159

Help guide the future of your DevCentral Community!

What tools do you use to collaborate? (1min - anonymous)