Issue Getting JSON Response Page to Present on ASM Block
Running 12.1.2 HF1 - ASM is configured to present a block response page when illegal requests are detected for a web application. I verified in the logs that illegal requests are being detected and dropped, but the response page doesn't display. The form triggering this illegal request uses a JavaScript API (similar to toastr) which expects a response in JSON, but when the block page is returned in HTML nothing is displayed.
When configuring the response page in JSON format, still nothing gets displayed. The application seems to be sending the data of an error and we need to somehow intercept this and manipulate it. As of now, when the response is given it just returns a blank window with no text.
As another workaround, we were thinking of leveraging a URL redirect to direct users to a custom block page, but this framework requires jquery/.NET which is not used by the web application.
I have searched DevCentral about this issue and pieced together a few attempts. The syntax gets accepted but it still doesn't display the blocked page:
```tcl
when HTTP_REQUEST {
    set json_content 0
    if { [HTTP::header "Content-Type"] contains "json" } {
        set json_content 1
    }
}
when ASM_REQUEST_BLOCKING
{
    if { $json_content } {
        if { [ASM::status] contains "block" } {
            ASM::unblock
            HTTP::header remove Content-Length
            HTTP::header insert header_1 value_1
            set response "{ \"glossary\": { \"title\": \"example glossary\", \"GlossDiv\": { \"title\": \"S\", \"GlossList\": { \"GlossEntry\": { \"ID\": \"SGML\", \"SortAs\": \"SGML\", \"GlossTerm\": \"Standard Generalized Markup Language\", \"Acronym\": \"SGML\", \"Abbrev\": \"ISO 8879:1986\", \"GlossDef\": { \"para\": \"The requested operation was rejected. Please consult with your administrator. Your support ID is: <%TS.request.ID()%>\", \"GlossSeeAlso\": \[\"GML\", \"XML\"\] }, \"GlossSee\": \"markup\" } } } } }"
            ASM::payload replace 0 [ASM::payload length] ""
            ASM::payload replace 0 0 $response
        }
    }
}
```
**also tried**
```tcl
when ASM_REQUEST_BLOCKING
{
    set ASM_block 0
    if { [ASM::status] contains "block" } {
        set ASM_block 1
    }
}
when HTTP_RESPONSE {
    if { $ASM_block } {
        HTTP::respond 200 content {
The requested operation was rejected. Please consult with your administrator. Your support ID is: <%TS.request.ID()%>
        } Cache-Control No-Cache Pragma No-Cache
    }
}
```
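
An added example, not the poster's code and not tested on 12.1.2 HF1: one way to return a JSON body from the `ASM_REQUEST_BLOCKING` event while leaving the request blocked, by rewriting the headers and payload of the blocking response and taking the support ID from `ASM::support_id`. It assumes iRule events are enabled on the ASM policy and that the front-end code reads the hypothetical keys `message` and `supportId`; the `Accept` header check is also an assumption about how the client asks for JSON.

```tcl
# Added example (not from the original post); an untested sketch.
# Assumes the security policy has "Trigger ASM iRule Events" enabled.
when HTTP_REQUEST {
    # Flag AJAX-style calls: a JSON request body or a client asking for JSON.
    set wants_json 0
    if { [string tolower [HTTP::header "Content-Type"]] contains "json" ||
         [string tolower [HTTP::header "Accept"]] contains "json" } {
        set wants_json 1
    }
}

when ASM_REQUEST_BLOCKING {
    # Non-JSON clients keep the blocking page configured in the policy.
    if { !$wants_json } { return }

    # The request stays blocked (no ASM::unblock is called); only the
    # blocking response ASM is about to send is rewritten.
    # "message" and "supportId" are hypothetical keys: rename them to
    # whatever the application's notification code expects.
    set body "{\"message\": \"The requested operation was rejected. Please consult with your administrator.\", \"supportId\": \"[ASM::support_id]\"}"

    # Describe the new body correctly to the client-side JSON parser.
    HTTP::header remove Content-Length
    HTTP::header replace Content-Type "application/json"
    HTTP::header replace Cache-Control "no-cache"

    # Empty the original blocking page, then insert the JSON body.
    ASM::payload replace 0 [ASM::payload length] ""
    ASM::payload replace 0 0 $body
}
```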