Last Modified: Nov 07, 2022
Affected Product:
See more info
BIG-IP ASM
Known Affected Versions:
11.4.0, 11.4.1, 11.5.0, 11.5.1, 11.5.1 HF1, 11.5.1 HF10, 11.5.1 HF11, 11.5.1 HF2, 11.5.1 HF3, 11.5.1 HF4, 11.5.1 HF5, 11.6.0, 11.6.0 HF1, 11.6.0 HF2, 11.6.0 HF3
Fixed In:
12.0.0, 11.6.0 HF4, 11.5.1 HF6
Opened: Aug 20, 2014
Severity: 3-Major
Some UTF-8 characters in JSON data can result in the "Malformed JSON data" violation.
The ASM identified properly formatted JSON data as malformed.
JSON and UTF-8 handling -- There are applications that use unicode characters that are not mapped as allowed by the ASM XML/JSON parser.
N/A
So that you can bypass unicode validation on XML and JSON profiles, we added two internal parameters: - relax_unicode_in_xml: The default is 0 which is the current behavior. When the value is changed to 1, a bad unicode character does not produce an XML malformed violation. A bad unicode character might be a legal unicode character that does not appear in the mapping of the system's XML parser. - relax_unicode_in_json: The default is 0 which is the current behavior. When the value is changed to 1, a bad unicode character does not produce a JSON malformed violation. A bad unicode character might be a legal unicode character that does not appear in the mapping of the system's JSON parser.
