cancel
Showing results for 
Search instead for 
Did you mean: 

ASM Policy Blocking Scientific Notation in JSON Profile

hguerrier
Nimbostratus
Nimbostratus

When tuning an ASM Policy what would cause your JSON Profile to flag a payload as such:

 
Violation Details: Malformed JSON data [1]
JSON Buffer4.5600012001319145e
DescriptionMalformed document
Malformed numeric value
Context
Actual URL

/path/to/url

Wildcard URL

*path*

JSON Profile
Default
Applied Blocking SettingsBlock Alarm Learn

 

Attack Type

JSON Parser Attack

 

Payload:

{  
...
"dpps": 4.5600012001319145e+22, "ddpse": 222
...
]

 

1 REPLY 1

Gajji
Cirrus
Cirrus

Enable the relax_unicode_in_json internal parameter.

relax_unicode_in_json: The default is 0.
When the value is changed to 1, a bad unicode character does not produce a JSON malformed violation. A bad unicode character might be a legal unicode character that does not appear in the mapping of the system's JSON parser.