URL rewrite iRule - ASM
ASM is blocking a request which doesn't have domain name in one of the parameters in the URI.
Background: example.domain.com is a VIP and has ASM enabled. Below is the default breakdown login page that changes per request, the issue is one of parameters(resource_url), is missing the domain name, example.domain.com before the context root, /user/loginsso, and ASM thinks it's a web command execution attack and blocking it and I don't want to unblock ASM for this particular request type.
I think rewriting the URI fixes the issue but,
-
if it is an LTM iRule, does ASM triggers based on the source URL or rewrite URL?
-
if based on source URL, then what are the config changes to be done in the ASM?
-
and couple of paramters in the url changes per request, so not sure how to use the stringmap, please help.
https://example.domain.com/login/login.html
?bmctx=some random ID that changes per request
&contextType=external
&miscCookies=disablehttponly
&username=string
&OverrideRetryLimit=1
&password=secure_string
&challenge_url=https://example.domain.com/login/login.html
&ssoCookie=disablehttponly
&DCCCtxCookieMaxLength=5000
&request_id=some ID that changes per request
&authn_try_count=0
&locale=en_US
&resource_url=/user/loginsso
Expected:
resource_url=https://example.domain.com/user/loginsso