cancel
Showing results for 
Search instead for 
Did you mean: 

Nameless JSON parameter in ASM

Brett_Kopetsky
Nimbostratus
Nimbostratus

We're trying to parse JSON objects for parameters in our ASM policy. The content type is application/json. On one of our API endpoints, we receive payload that looks like this:

 

["sensitive data here"]

 

I believe this is technically valid JSON as a bare array. It seems that the ASM expects everything to be a key-value pair. How do I parse this payload into a parameter so that I can then mark that parameter for exclusion from logs?

 

 

1 REPLY 1

Ivan_Chernenkii
F5 Employee
F5 Employee

Hello Brett,

 

You are right - this is valid JSON, and ASM parses it correctly as valid JSON, but currently there is no way to parse such JSON body as parameter and make it masked.

Could you open SR for it?

 

Thanks, Ivan