POST data length error

Question

As I was reading the definition of "POST data length error" in the ASM config guide, I started thinking about how ASM actually calculates the length of POST data. I was hoping someone could elaborate. 
&nbsp;  
&nbsp; What I'm wondering to myself is if ASM has to buffer the entire HTTP POST before calculating how large it is? And if that's the case, I wonder what effect that might have on HTTP applications where large client uploads are normal, or from a TCP perspective? I can't imagine ASM blindly compares the Content-Length header against the security policy. 
&nbsp;  
&nbsp; Would appreciate any thoughts. Thanks.

hoolio · Answer

Maybe Ido or someone else with more technical info on ASM could answer.  But in the meantime, I think ASM does buffer the entire payload in order to validate the data.   
&nbsp;  
&nbsp; You could test your second question by using an interception proxy to modify the Content-Length header value on a POST request.  I also assume it doesn't use the header value to validate the payload length. 
&nbsp;  
&nbsp; Aaron

Forum Discussion

POST data length error

Recent Discussions

Diameter iRules attachment?

F5 BIG-IP

BIG-IP Oauth Client and AS

How to Renew F5 Device Certificate

Use of SSL Decryption.

Related Content

SSL length key

HTTP POST redirect preserving POST data

Invalid Content-Length header caused Big-IP to terminate connection?

Variable Length URI Lookup

Insufficient permissions BIG-IQ login error

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS