ASM: How to expand length limits for select URLs?
I have an ASM policy where I've left the Request Length and POST Data Length at the defaults (5000/1000). This is fine for 99.9% of the site, but I do have a /fileUpload URL which is expected to exceed these limits every time it's used. The parameter named 'file' is used to upload documents and images, so I've created a 'file' parameter which has unlimited length:
However, file uploads still trigger Illegal POST data length and Illegal request length violations - increasing the limit for that parameter doesn't help because the overall request still violates those restrictions.
How can I increase the Request and POST data lengths for just this URL? I only need large uploads on this one URL, but I don't want to loosen the restrictions over the rest of the site to allow it.
Update
Here are two example violations, the first from a Production system in Transparent mode, the second from a Development system in Blocking mode. The Development policy was exported and then imported into the Production device, and upon re-export they're essentially equivalent except insofar as the signature bases differ between the two systems.
Here's the Transparent system with a .tiff file, HTTP Content-Length is 227323 bytes:
Here's the Blocking system with a .tiff file, HTTP Content-Length is 11934876 bytes:
I can't even seem to trigger the same violations on my Development box, and can only trigger by going with a much larger file. It's a little distressing.