Question on JSON Content Profiles

Question

Hello all&nbsp;
We are testing a new application through ASM. Some POST submissions from the client send the data in JSON format. Some responses from the server to client GET requests are also in JSON format.&nbsp;
As ASM’s job is to protect the application is it correct to say that the settings in the JSON Content Profile are primarily concerned with analysing and enforcing the JSON data sent by the client rather than the response from the server? Or is it looking at both the request and response?&nbsp;
Thank you&nbsp;

kolom · Answer

ASM examines only JSON requests , not responses.&nbsp;

only1masterbla1 · Answer

JSON Content Profile are primarily concerned with analysing and enforcing the JSON data sent by the client. Also note that JSON parameters can be analyzed in code 13.x. In older codes, you can put controls around JSON block.

devlin_t_149357 · Answer

Brilliant, thank you guys. It was as I suspected and makes perfect sense. &nbsp;

Forum Discussion

Question on JSON Content Profiles

Recent Discussions

Client SSL Profile set to Require Client Certificate breaks RDP in APM

TS Declarations for DNS

APM file and registry key date check 8 days old

SSL bridging without SSL proxy forward

Should config via cli rather than gui?

Related Content

DevCentral Content Highlights

This DevCentral Content has been Archived or Deleted

Community Highlights, Week 52 '22 + bonus year-end content

F5 Agility 2022 Content Hub

DoS Profiles

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS