Forum Discussion

Deepsri's avatar
Deepsri
Icon for Altocumulus rankAltocumulus
Sep 28, 2021

whitelist a file type for a specific parameter

Is it possible to whitelist a file type for a specific parameter in a ASM/WAF policy   We need to allow files with .exe file extension for query parameter fileName=abc.exe e.g. https://test.co...
application delivery
ASM Advanced WAF
BIG-IP
ragunath154's avatar
ragunath154
Icon for Cirrostratus rankCirrostratus
Sep 29, 2021

as per your http request

the file type is no_ext and parameter name : filename and parameter value :abc.exe

 

so uploading the abc.exe wont trigger illegal file type as its parameter value of filename.

you need to add the parameter filename and set its data type as fileupload and disable the option

Disallow File Upload of Executables

 

 

  • Deepsri's avatar
    Deepsri
    Icon for Altocumulus rankAltocumulus
    Sep 30, 2021

    Thanks for the helpful reply Ragunath. I will try this option. Presently i have allowed .exe for the entire policy