Aurel
Feb 15, 2019Cirrus
ASM signature 200011026 different behaviour from 11.5.x to 12.x
Hello,
A POST request (multipart/form-data) with png file inside is being blocked by ASM version 11.5.4 The request is having the Content-Type header badly crafted inside the body part, and then ASM is parsing the multipart body in a very bad way.
I am trying to understand why in a v12 version of ASM, the exactly same request is not triggering this signature 200011026 (All signatures sets loaded in the policy).
The signature is part of the Generic Set, the one you have without doing anything more when creating the policy, but i still have added all sets.
Thanks for any advise of experience sharing