Forum Discussion

LB's avatar
LB
Icon for Cirrus rankCirrus
Aug 14, 2020

Return ASM Violation in Response

Hey folks,   Is it possible to return the ASM violation in the response body?   If so, what does that logic look like?
  • Ivan_Chernenkii's avatar
    Aug 20, 2020

    I don't know how to do it in simple way, but you can try to use ASM iRule for this purpose.

    Something like this:

    when ASM_REQUEST_BLOCKING {

    set x [ASM::violation_data]

    #c_ stands for "custom"

    set c_brp "<html>

             <head>

             <title>This is a custom BRP!</title>

             </head>

             <body>

             <h1>The request was blocked and next violations were detected: [lindex $x 0].</h1>

             </body>

            </html>"

      set c_brplen [string length $c_brp]

     

    HTTP::header replace "Content-length" $c_brplen

     

    #ASM already formed a BRP, so we delete it first and place ours instead

    #d_ stands for "default"

    set d_brplen [ASM::payload length]

    ASM::payload replace 0 $d_brplen $c_brp

    }

     

    Thanks, Ivan