Learn F5 Technologies, Get Answers & Share Community Solutions Join DevCentral

Filter by:
  • Solution
  • Technology
Answers

Malformed JSON data and Character encoding

Hi team,

The following POST request triggers the violation "Malformed JSON data" .

POST https://10.10.1.80/ HTTP/1.1
Content-Type: application/json; charset=iso-8859-1
Host: 10.10.1.80
Expect: 100-continue
Connection: Keep-Alive
Content-Length: 81

{
    "firstname":"René",
    "lastname":"ATAMETY",
    "terminal":"390469001"
}

The learning suggestion for this violation is to remove the JSON profile and "apply value and content signatures" to the URL which is not something I want to do.

After some troubleshooting, I noticed that :

  • If I remove the "é" character from the posted data then the violation is not triggered.

  • If I remove the ";charset= iso-8859-1" from the Content-Type header the violation is not triggered as well.

I would like to understand why the charset needs to be at its default value (utf-8) for the bigip to understand the "é" character.

PS: I'm in LAB environment and in version 13.1.0.3.

Many thanks,

Karim BENYELLOUL

0
Rate this Question

Answers to this Question

placeholder+image
USER ACCEPTED ANSWER & F5 ACCEPTED ANSWER

ASM is correct in blocking this request as JSON can't be encoded in charset= iso-8859-1

The JSON Standard (RFC7159) clearly states that:

"JSON text shall be encoded in UTF-8, UTF-16, or UTF-32"

Speak to the application developers as they should be sending JSON in UTF-8 and escaping the special characters. If they question this - point them to the JSON standard.

Link to JSON Standard: https://tools.ietf.org/html/rfc7159

0
Comments on this Answer
Comment made 4 weeks ago by Karim.Benyelloul 179

Many thanks samstep !

0