Eljay
Aug 12, 2021Cirrus
Solved
Bypassing ASM on HTTP response
Is it possible to prevent ASM from blocking responses when there's a specific HTTP header present in the HTTP response? Let's say we block responses with HTTP status code 500 by default in our security policies, but is it possible to circumvent the ASM from blocking when the status code is 500 AND Content-Type = "application/problem-handled-return-to-client"? If possible, I'd like this to be generic so I can reuse the same solution in different VS's without changing code.
Try with an iRule. use appropriate asm policy name.
Use logging to see if condition is getting triggered and then it can be disabled.
when HTTP_RESPONSE { ASM::enable "/common/asm_policy" if { ([HTTP::status] == 500) and ([HTTP::header value Content-Type] eq "application/problem-handled-return-to-client") }{ log local0.info "disable asm" ASM::disable return } }