Technical Forum
Ask questions. Discover Answers.
cancel
Showing results for 
Search instead for 
Did you mean: 
Custom Alert Banner

Asm capabilities to decode base46 request

THE_BLUE
Cirrostratus
Cirrostratus

i have tried to inject sql injection in my request and encode it , the asm pass the request as 200 . so how can i decode the request to allow asm to read and detect the attack?

1 REPLY 1

IoF
Altostratus
Altostratus

Not sure what ASM version you are on however in Advanced WAF v.15 there is a checkbox for "Base64 Decoding" when defining HTTP Headers or Parameters in the application security policy. Only meant to be enabled it if the value expected is always going to be Base64 encoded, otherwise you will get a ton of violations/errors.