Bypass the character for Evasion technique Detected violation

Question

Hi,I need help to bypass or allow %", character which has triggered the Detection violation(Bad unescape) in JSON POST Data. This is legitimate request and i don't see this request on learning suggestion. I am able to find with the help support ID provided by user under the event logs.

youssef1 · Answer

Hi,&nbsp;Easy was, create an URL where the violation is trigged:&nbsp;Security&nbsp;››&nbsp;Application Security : URLs : Allowed URLs : Allowed HTTP URLs&nbsp;››&nbsp;New Allowed HTTP URL... (explicit).&nbsp;Then create parameter needed where the violation is trigged (In the URL created before):&nbsp;&nbsp;Then allow % in this parameter.&nbsp;Don't forget to apply policies.&nbsp;Let me know if it's clear for you.&nbsp;regards

rahulve · Answer

This error appeared for JSON Content not on the uRL . we already have wildcard parameter with % allowed in user-input.

youssef1 · Answer

Hi,&nbsp;I think you can solve easly your problem by specifying the type of parameter.In your case it's json, did you do it?More, can you see the entire blocage page logs?&nbsp;regards&nbsp;

Forum Discussion

Bypass the character for Evasion technique Detected violation

3 Replies

Recent Discussions

Chrome V 124+ on MacOS - Virtual Server Access Issue

F5Access | MacOS Sonoma

Transaction looks successful but file not downloading

Overwriting or adding LTM SSL Traffic cert and key using iControlREST

F5 Access Guard Deprecated: ZTA APM

Related Content

Mitigating new HTTP Request Smuggling techniques with BIG-IP ASM

Credential Stuffing Tools and Techniques

Rate limiting GraphQL API query using iRule and Advanced WAF Violation

Separating False Positives from Legitimate Violations

AWAF - Do not log Geolocation violations from the Event Log