Help
Technical Forum
Ask questions. Discover Answers.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Technical Forum Quicklinks: No Replies | Active-Not Solved | Recent Solutions

ASM Policy Blocking Scientific Notation in JSON Profile

hguerrier
Nimbostratus
Nimbostratus

‎22-Apr-2022 11:32

When tuning an ASM Policy what would cause your JSON Profile to flag a payload as such:

 
Violation Details: Malformed JSON data [1]
JSON Buffer4.5600012001319145e
DescriptionMalformed document
Malformed numeric value
Context
Actual URL

/path/to/url

Wildcard URL

*path*

JSON Profile
Default
Applied Blocking SettingsBlock Alarm Learn

 

Attack Type

JSON Parser Attack

 

Payload:

{  
  ...
  "dpps": 4.5600012001319145e+22,
  "ddpse": 222
  ...
]

 

Labels:
0 Kudos
1 REPLY 1

Gajji
Cirrostratus
Cirrostratus

‎01-May-2022 09:27

Enable the relax_unicode_in_json internal parameter.

relax_unicode_in_json: The default is 0.
When the value is changed to 1, a bad unicode character does not produce a JSON malformed violation. A bad unicode character might be a legal unicode character that does not appear in the mapping of the system's JSON parser.

0 Kudos
Copyright © 2023 Khoros, LLC