Last Modified: Aug 17, 2022
Affected Product(s):
BIG-IP ASM
Known Affected Versions:
11.6.0, 11.5.1, 11.4.1
Fixed In:
12.0.0, 11.6.0 HF5, 11.5.1 HF6
Opened: Jul 10, 2014 Severity: 4-Minor Related Article:
K10340625
You cannot configure the system to ignore a null value for parameters defined as file upload regardless of the content-type of the parameter in the request. Following the multipart null flow, the system first looks into the content type defined for the parameter in the request itself. If the parameter is defined as textual, the system does not allow a null to appear there, regardless of the policy configuration for that parameter.
A null-in-request violation occurs.
Parameter is defined in the multipart request as textual and has a null in it.
None.
There is a new internal parameter: 'ignore_null_in_multipart_text'. When the internal parameter is set, the system does not issue a null-in-request violation when a null appears in the request. -- If the parameter is defined as file upload in the security policy, no violation is issued. -- If the parameter is defined as something else, the system issues the violation 'null-in-multipart request'. -- If the parameter is not defined in the security policy, the system issues the violation 'null-in request'. To use the new parameter, run the following commands, in sequence: -- /usr/share/ts/bin/add_del_internal add ignore_null_in_multipart_text 1 -- bigstart restart asm
This release introduces a parameter ignore_null_in_multipart_text. To use it, run the following commands in sequence: -- /usr/share/ts/bin/add_del_internal add ignore_null_in_multipart_text 1 -- bigstart restart asm