ASM: Failed to convert character

Question

Hello everyone,&nbsp;
I have an application protected by ASM using charset UTF-8. What happens is that sometimes I get some false-positives because the user browser is not using the charset informed in the meta tag. For instance, in some tests using Chrome and having as input some strings like “weißbier” or “über” I have no problems, but when I use Internet Explorer 11, ASM blocks the request with this error.&nbsp;
There is an article from Microsoft about this saying that IE does not always take the specified charset in the page but it might be overridden by OS settings:&nbsp;
https://support.microsoft.com/en-us/help/928847/internet-explorer-uses-the-wrong-character-set-when-it-renders-an-html&nbsp;
So my question is, how do you deal with this? I wouldn't like to disable this check in the Security Policy, any possible alternatives?&nbsp;

renato · Answer

If you know which one is the problematic client and the policy element affected, you are able to allow traffic when it happens using iRule.
Something like this:
when ASM_REQUEST_VIOLATION
{
    set asmdata [ASM::violation_data]
    if {([lindex $asmdata 0] contains "VIOLATION_CHAR_CONV")}
    {
        if { [string tolower [HTTP::header User-Agent]] contains "msie" }
        {
            ASM::unblock
        }
    }
}

Forum Discussion

ASM: Failed to convert character

1 Reply

Recent Discussions

Chrome V 124+ on MacOS - Virtual Server Access Issue

F5Access | MacOS Sonoma

Transaction looks successful but file not downloading

Overwriting or adding LTM SSL Traffic cert and key using iControlREST

F5 Access Guard Deprecated: ZTA APM

Related Content

Failed to convert character

Failed to convert character dclid=%EDclid!

Converting TCL-Based iRules to Distributed Cloud Service Policies and L7 Routes

Alteon Config Converter

Unbreaking the Internet and Converting Protocols