Forum Discussion
Thank you.
I will contact with network team and try it
Hi TsukiAzuma ,
1. You must decide which meta characters is allowed for the parameters.
2. If you accept suggestion for wildcard parameters illegal meta characters would be accepted for all parameters but not for particular learned parameters.
3. Allowed: Specifies that the character or meta character can occur in parameter values. Disallowed: Specifies that the character or meta character can not occur in parameter values.
4. This settings came from /Security/Application Security/Parameters/Characters Sets
Do you have any records about violation?
Security ›› Application Security : Policy Building : Violations on Entities : Violations on Parameters
A legitimate parameter value has been blocked due to a disallowed character. This is considered a false positive.
Recommended Actions
To allow a meta character value at the parameter level, go to:
Security >> Application Security : Parameters : Parameters List >> <parameter> >> Value Meta Characters
Alternatively, for all parameters, this may be configured at:
Security >> Application Security : Parameters : Character Sets : Parameter Value
>> Apply your policy
>> Test again
Share your test reults again with me.
refer this link:
K6787: Working with metacharacters in the BIG-IP ASM security policy
https://support.f5.com/csp/article/K6787
https://f5-agility-labs-waf.readthedocs.io/en/latest/class5/module1/lab4/lab4.html
HTH
- TsukiAzumaDec 16, 2022Altostratus
Thank you for your advice.
I will share test result when network team have report.