LB
Aug 14, 2020Cirrus
Solved
Return ASM Violation in Response
Hey folks, Is it possible to return the ASM violation in the response body? If so, what does that logic look like?
- Aug 20, 2020
I don't know how to do it in simple way, but you can try to use ASM iRule for this purpose.
Something like this:
when ASM_REQUEST_BLOCKING {
set x [ASM::violation_data]
#c_ stands for "custom"
set c_brp "<html>
<head>
<title>This is a custom BRP!</title>
</head>
<body>
<h1>The request was blocked and next violations were detected: [lindex $x 0].</h1>
</body>
</html>"
set c_brplen [string length $c_brp]
HTTP::header replace "Content-length" $c_brplen
#ASM already formed a BRP, so we delete it first and place ours instead
#d_ stands for "default"
set d_brplen [ASM::payload length]
ASM::payload replace 0 $d_brplen $c_brp
}
Thanks, Ivan