Forum Discussion

Dev_56330's avatar
Dev_56330
Icon for Cirrus rankCirrus
Nov 07, 2017

Metacharacters and JSON parameters

I am having problems understanding how to configure ASM for a JSON object containing 3 different parameters. I simply want to block “.” in two of the parameters. However, when creating a parameter with JSON as the value type I am no longer able to define allowed/disallowed metacharecters.

 

Edited

 

It looks as though pre 13.0 this was possible in content profiles which you could define for each individual parameter. However, in 13.0 this doesnt look possible.

 

12.x

 

13.0

 

ASM Advanced WAF
security

2 Replies

Sort By
  • Dev_56330's avatar
    Dev_56330
    Icon for Cirrus rankCirrus
    Nov 07, 2017

    By default Parse parameters is checked. By unchecking parse parameters it allows you to define metacharecters, signatures, etc.

     

    https://support.f5.com/kb/en-us/products/big-ip_asm/releasenotes/product/relnote-asm-13-0-0.html

     

    JSON Support and Granularity Improvements

     

    The JSON profile now includes a new flag: parse parameters. The flag is ON by default. The parameters will be extracted if the flag is set and a JSON profile is attached to the URL or parameter. Any sensitive data, attack signatures or meta character exclusions that are defined in the JSON profile are now enforced with any similar items defined in parameters. The entire JSON profile is parsed and tokenized to parameters. The enforcement moves to the parameters and is done according to the configuration of the wildcard or explicit entity that is matched.

     

    • Only1masterbla1's avatar
      Only1masterbla1
      Icon for Cirrus rankCirrus
      Nov 08, 2017

      JSON parameterization was introduced in 13.0. You should be able to change allowed/disallowed metacharacters on per parameter basis. Pre-13.x has a very basic JSON control. I don't have 13.x yet, your findings will be interesting.