For more information regarding the security incident at F5, the actions we are taking to address it, and our ongoing efforts to protect our customers, click here.

Forum Discussion

raischk_224259's avatar
raischk_224259
Icon for Nimbostratus rankNimbostratus
Jun 10, 2016

Manual Traffic Learning -> Malformed JSON Data: How to handle this?

Hi,   i created an ASM policy in blocking mode with a json profile. Sometimes I have a few illegal requests in Security > Event Logs > Application > Requests with "Malformed JSON Data" violation. ...
application delivery
ASM Advanced WAF
BIG-IP
devops
JSON
learning
K__Raisch's avatar
K__Raisch
Icon for Nimbostratus rankNimbostratus
Jun 15, 2016

Hello Arnaud Lemaire,

 

thanks for your answers and sorry for my questions. I am new in ASM and not realy familiarized with it.

 

Maybe this screenshot helps for a precisely report about my problem. In HTTP Request > General Details there is an "JSON Parser Attack" detected. All malformed json data violations are truncated. Maybe this relates to each other?

 

In this quoted menue I have the opportunity to deactivate this violation to let the traffic pass. I think this is the accept button next to the different URLs, isn't it? I don't understand the option in column "request body handling". What an effect does this have if I change the setting to "form data", "apply value and content signatures" or "apply Content signatures"?

 

Thanks for your answer.