Malformed JSON data and Character encoding

Question

Hi team, The following POST request triggers the violation "Malformed JSON data" .POST https://10.10.1.80/ HTTP/1.1
Content-Type: application/json; charset=iso-8859-1
Host: 10.10.1.80
Expect: 100-continue
Connection: Keep-Alive
Content-Length: 81
&nbsp;
{
    "firstname":"John",
    "lastname":"Doe",
    "terminal":"12345"
}The learning suggestion for this violation is to remove the JSON profile and "apply value and content signatures" to the URL which is not something I want to do. After some troubleshooting, I noticed that : If I remove the "é" character from the posted data then the violation is not triggered. &nbsp;If I remove the ";charset= iso-8859-1" from the Content-Type header the violation is not triggered as well.&nbsp;I would like to understand why the charset needs to be at its default value (utf-8) for the bigip to understand the "é" character. PS: I'm in LAB environment and in version 13.1.0.3. Many thanks, Karim BENYELLOUL

samstep · Answer

ASM is correct in blocking this request as JSON can't be encoded in charset= iso-8859-1 &nbsp;
The JSON Standard (RFC7159) clearly states that:&nbsp;
"JSON text shall be encoded in UTF-8, UTF-16, or UTF-32"&nbsp;
Speak to the application developers as they should be sending JSON in UTF-8 and escaping the special characters. If they question this - point them to the JSON standard.&nbsp;
Link to JSON Standard: https://tools.ietf.org/html/rfc7159&nbsp;

Forum Discussion

Malformed JSON data and Character encoding

1 Reply

Recent Discussions

import live updates from version x to version y

Tenant image upgrade

iRule editor partition button does not work

F5Access | MacOS Sonoma

Overwriting or adding LTM SSL Traffic cert and key using iControlREST

Related Content

Base32 Encoding and Decoding With iRules

Base32 Encoder and Decoder

Character Length for Object Names

TCL procedures for Base32 encoding/decoding

HTML encoding proc