Jan 13, 2018
Question on JSON Content Profiles
Hello all
We are testing a new application through ASM. Some POST submissions from the client send the data in JSON format. Some responses from the server to client GET requests are also in JSON format.
As ASM’s job is to protect the application is it correct to say that the settings in the JSON Content Profile are primarily concerned with analysing and enforcing the JSON data sent by the client rather than the response from the server? Or is it looking at both the request and response?
Thank you