SalishSeaSecurity
Jul 22, 2009Altostratus
Illegal parameter...even after 'accept'
I am in the process of building a policy and am stuck with one parameter that is causing me headaches. It looks like this:
['DateBox.TodayFormat']
A couple of things to note:
1) ASM recognizes the parameter as and recognizes everything after that as parameter value
2) I have copied the text as presented in the web page, but ASM picks up on the unprintable metacharacters (space, tab, carriage return) in addition to the obvious brackets, quotes etc.
3) When 'accepting' the violation, I select "Static content" and ASM inserts the entire value string, _minus_ the unprintable metacharacters
4) If I define level as "URL parameter", ASM kicks back not only illegal parameter, but unknown level. If I define level as "Global Parameter", ASM kicks back illegal parameter, but recognizes it as global level.
5) I've tried inserting the unprintables 0xd, 0x9 and 0x20 into the value string and addding it as static content, and ASM still kicks back an illegal parameter error.
I'm out of ideas. Any suggestions?
- J