For more information regarding the security incident at F5, the actions we are taking to address it, and our ongoing efforts to protect our customers, click here.

Forum Discussion

Alexei_Barabash's avatar
Alexei_Barabash
Icon for Nimbostratus rankNimbostratus
May 18, 2017

POST of JSON object

Hello people hope you can help me here.   Is there a way to explain ASM that a specific URL can accept POST of JSON object in body ,without parameter name?   thank you :)  
ASM Advanced WAF
security
CharlesCS's avatar
CharlesCS
Icon for Cirrus rankCirrus
May 18, 2017

If you've already created an URL object, then on the 

Security ›› Application Security: URLs: Allowed URLs: Allowed HTTP URLs ›› Allowed HTTP URL Properties
page, change from Basic to Advance. Then in the "default" item at the bottom of the panel you can change the Request Body Handling pulldown to "JSON" and select (or create) a JSON content profile.

If you haven't created the URL object yet, then you'd do the same on the 

Security ›› Application Security: URLs: Allowed URLs: Allowed HTTP URLs ›› New Allowed HTTP URL...
page instead.

You may also need to click the "Methods Enforcement" tab and the "Override policy allowed methods" checkbox to be sure that POST is allowed.