For more information regarding the security incident at F5, the actions we are taking to address it, and our ongoing efforts to protect our customers, click here.

Forum Discussion

MSZ's avatar
MSZ
Icon for Nimbostratus rankNimbostratus
Jul 26, 2017

Null in Request (Escaped NULL in post data)

I am getting the above message under HTTP Protocol Compliance failed. \0 is known as Null. But I am unable to see the above symbol in Post data. I was able to see the %00 in one of the parameter valu...
ASM Advanced WAF
BIG-IP
security
James_Betts_290's avatar
James_Betts_290
Icon for Cirrus rankCirrus
Jul 26, 2017

When you click on the violation name in the ASM event log it should show you the character in context but not always. The %00 you detected could be the item it was complaining about and if this is allowed for the parameter then you can define it as allowed by going to "Application Security -> URLs -> Allowed URLs" and creating a URL for the faulting page. After you create the URL you can then select it out of the list and pick "URL Parameters" and click the "Create" button. Fill out the form as follows:

Parameter Name : Explicit : (name if the parameter with the null)
Parameter Level : URL : URL Path : enter the URL of the page
Parameter Value Type : Ignore value

Click "Create".

These steps will allow your page to accept the null value if it should be allowed.

MSZ's avatar
MSZ
Icon for Nimbostratus rankNimbostratus
Jul 26, 2017

But why I am getting Null in Request (Escaped NULL in post data) when there is no \0