I have an ASM policy where I've left the Request Length and POST Data Length at the defaults (5000/1000). This is fine for 99.9% of the site, but I do have a /fileUpload URL which is expected to exceed these limits every time it's used. The parameter named 'file' is used to upload documents and images, so I've created a 'file' parameter which has unlimited length:
However, file uploads still trigger Illegal POST data length and Illegal request length violations - increasing the limit for that parameter doesn't help because the overall request still violates those restrictions.
How can I increase the Request and POST data lengths for just this URL? I only need large uploads on this one URL, but I don't want to loosen the restrictions over the rest of the site to allow it.
Here are two example violations, the first from a Production system in Transparent mode, the second from a Development system in Blocking mode. The Development policy was exported and then imported into the Production device, and upon re-export they're essentially equivalent except insofar as the signature bases differ between the two systems.
Here's the Transparent system with a .tiff file, HTTP Content-Length is 227323 bytes:
Here's the Blocking system with a .tiff file, HTTP Content-Length is 11934876 bytes:
I can't even seem to trigger the same violations on my Development box, and can only trigger by going with a much larger file. It's a little distressing.
When you click on either of the violations what do they say? (can you post here)
The post/query lengths relate to file types that you have accepted. Is there one you can associate/create for this upload?
If you uncheck the 'block' button for the 2 violations and leave the learn/alarm buttons checked, how many violations does it pick up on? (Are length violations a serious concern for the web app you are trying to protect?)
Let me know how it goes with creating the .tiff extension; if not, create a file type of 'no_ext' and apply the right thresholds against it if ASM can't detect the explicit file types (if you are open to this).
The link below has a reference about this file type: