Forum Discussion
Question on JSON Content Profiles
Hello all
We are testing a new application through ASM. Some POST submissions from the client send the data in JSON format. Some responses from the server to client GET requests are also in JSON format.
As ASM’s job is to protect the application is it correct to say that the settings in the JSON Content Profile are primarily concerned with analysing and enforcing the JSON data sent by the client rather than the response from the server? Or is it looking at both the request and response?
Thank you
Brilliant, thank you guys. It was as I suspected and makes perfect sense.
JSON Content Profile are primarily concerned with analysing and enforcing the JSON data sent by the client. Also note that JSON parameters can be analyzed in code 13.x. In older codes, you can put controls around JSON block.
- kolomAltostratus
ASM examines only JSON requests , not responses.
Recent Discussions
Related Content
* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com