Image upload to service issue with f5 firewall
I recently faced an issue with a firewall called f5, the issue began when I uploaded an image, check the attached image.
The firewall blocks the stream of bytes, so I don't know if the problem is in my code or in the firewall.
To be sure that my code has no problem I made an MVC application to test upload and in fiddler the same symbols appeared.
These are the WAF Errors:
- HTTP protocol compliance failure - the request was having a NULL, which could cause buffer overflow issues.
- Failed to convert character - F5 is not able to understand the data after decoding the HTTP traffic and is blocking it.
fiddler capture for MVC upload
Firewall Error Image
What your seeing is F5's WAF (Web Application Firewall), and its blocking the request because something in the request is not matching up with the defined policy of the application. Can you screen shot just below, the general details section, this will usually include the reason for the block (the violations that occurred).
To answer the second part of your question, the symbols are the F5 reversing the encoding, and trying to show you the real characters being sent, this is to get around possible double, triple, etc encoding attacks.
- Simple frame by frame video decoder library
- GCC no longer implements <varargs.h>
- Contents of IO buffer unknown == unsafe?
- Avoiding strcpy overflow destination warning
- Sort program not working, not sure why
- Fast & accurate atan/arctan approximation algorithm
- What's the difference between strtok_r and strtok_s in C?
- How memory address for pointer to arrays is same as an element in 2D array?
- Which is the best way to suppress "unused variable" warning
- How to use ellipsis in c's case statement?
- How can I exclude non-numeric keys? CS50 Caesar Pset2
- Fast ceiling of an integer division in C / C++
- Is there an invalid pthread_t id?
- How to Implement Universal Setter/Getter Functions for Interrupt-Driven Variables in Embedded C?
- How does SIMD (avx) processing work? for example, if I want 10 32 bit floats how do i fit in a 256 bit avx vector?
- FDCAN problems on STM32G4
- How does the call macro enable mutual recursion between functions f and g in this Hanoi Tower implementation?
- Running test on Rocket core CPU - global variable initialized to 0 is unsuccessful, output wrong value instead
- Interacting with C arrays without knowing the size
- Combination of two strings
- carriage return by fgets
- How to use special characters in C?
- Why does 1.0/100.0 == 0.1/10.0 give True?
- Is it correct to compare pointers in C?
- Force free() to return malloc memory back to OS
- How can I print to standard error in C with 'printf'?
- What is the standard behavior of fread in C on Windows?
- How is strtok removing lines it shouldn't have access to?
- Using array as smart point in C
- Assigning string to malloced 2d char array not working as intended