ASM: Apostroph (0x27) char in header value

Question

Hi,we see HTTP requests comming in where the User-Agent header ist delimited by an apostroph (0x27 ASCII). The ASM flags this as a violation and suggests me to allow that char.As far as I unterstand RFC7230 sec 3.2.6 this char is NOT allowed as delimiter, but as contents (tchar).Am I correct? Should I ignore the ASM suggestion?Michael

juergen_mang · Answer

It depends on:

if you want to allow the client, you must disable this protection
else ignore the suggestion

There are some browsers, mostly from smartphones, that violates the rfc's and sends non-ascii characters in headers.

mohamed_ahmed_kansoh · Answer

Hi&nbsp;misch43&nbsp;,&nbsp;I recommend to ask server developer.&nbsp;Take some samples from F5 Violated requests " Contains Apostroph " to Backend server developer to review it with him to take the proper action against this violation , if you should allow or Block it.

Forum Discussion

ASM: Apostroph (0x27) char in header value

2 Replies

Recent Discussions

SMS server with BIGIP

F5 terminal - help to run commands - disk space full

Can iRule be used to perform exception of IPI category based on Geolocation

[ASM] - what is "Browser Challange file" ?

LDAPS and renegotiation

Related Content

Re: F5 XC Distributed Cloud HTTP Header manipulations and matching of the client ip/user HTTP header

Security headers

F5 Distributed Cloud - Service Policy - Header Matching Logic & Processing

Log Http Headers

iRule to modify a content-security-policy header