Forum Discussion
3 Replies
When you click on the violation name in the ASM event log it should show you the character in context but not always. The %00 you detected could be the item it was complaining about and if this is allowed for the parameter then you can define it as allowed by going to "Application Security -> URLs -> Allowed URLs" and creating a URL for the faulting page. After you create the URL you can then select it out of the list and pick "URL Parameters" and click the "Create" button. Fill out the form as follows:
Parameter Name : Explicit : (name if the parameter with the null) Parameter Level : URL : URL Path : enter the URL of the page Parameter Value Type : Ignore value
Click "Create".
These steps will allow your page to accept the null value if it should be allowed.
- MSZNimbostratus
But why I am getting Null in Request (Escaped NULL in post data) when there is no \0
ASM doesn't always show the value. Often it does, sometimes it doesn't. The only definitive way I can think of to prove or disprove this would be to use TCPDUMP and look at the traffic with Wireshark