UTM Firewall

Web Server Security Web Server protection strips empty parameters in REST calls

UTM Firewall requires membership for participation - click to join

Thread Info

State Not Answered
Locked Locked
Replies 0 replies
Subscribers 2 subscribers
Views 589 views
Users 0 members are here

Options

Suggested

This discussion has been locked.

You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Web Server protection strips empty parameters in REST calls

Peter Sawatzki over 4 years ago

I have a REST webservice protected/exposed through UTM WAF. The webservice URL is sometimes called with empty parameters, however WAF seems to "optimize" the URL and consolidate the empty parameters, for example the original call


    fw.domain.de/.../param4

is stripped to


fw.domain.de/.../param4

The same webservice exposed through my old TMG Server works flawless and receives empty param2 and 3 for example in the above call.

I tried to disable URL hardening, disable filtering, disable all threat filter categories however with no success.

Any idea how to tell the UTM to leave my URL alone ?

This thread was automatically locked due to age.