I am currently detected violation for following parameter for example. i am still try to creating dynamic content vlaue in WAF but it doesn't work. can you please give suggestion or any example for creating DCV
Creating a Dynamic Content Value (DCV) in a Web Application Firewall (WAF) like F5 ASM is a crucial step in ensuring that your application is secure from threats. The violation you're encountering may be due to incorrect parameter configuration, or the parameter might be misbehaving in a way that is unexpected by your security policy. The parameter you have given is a complex one, and it's quite possible that it's dynamic in nature. You can create a DCV for this parameter to tell F5 ASM that it's expected to change. Here's an example of how to do this using your parameter: 1. Log in to your F5 ASM user interface. 2. Navigate to "Security" > "Application Security" > "Policy Building" > "Dynamic Parameters". 3. Click "Create" to open the "New Dynamic Parameter" page. 4. Enter the parameter name as "ctl00_ContentPlaceHoldserContent_RecommendationDetailwweq_Recommendation_RecommendationHissstory_ctrlList_GridView_clientSdstatess". 5. Choose the method for which the parameter will be dynamic. This could be "POST", "GET", or "Any Method". You'll need to know how this parameter is being used in your application. 6. Specify the "Parameter Location" in the HTTP request, which could be the "Request Body", "URL Query String", or "Any". 7. If the value of the parameter is case sensitive, select "Yes" for "Is Value Case Sensitive". 8. Under "Pattern Recognition", you may choose "Always" dynamic as this parameter is likely to change often. If there's a specific pattern to the changes, you could use "Dynamic if Matches Pattern" and specify that pattern. 9. Click "Finished" to create your dynamic parameter.
@aali86 - - If your post was solved it would be helpful to the community to select Accept As Solution. Thanks for joining and being part of our community.
When I played importing a swagger/openapi file that had free form (swagger/openapi calls it free-form object) query parameters F5 in the background made a parameter that is using json profile that can have different names like test* and specific values maybe see if that helps .
