gpt4 book ai didi

Azure WAF 403 响应

转载 作者:行者123 更新时间:2023-12-05 07:33:53 24 4
gpt4 key购买 nike

我收到针对 API 的 PUT 请求的“403 ModSecurity Action”。获取和发布按预期工作。

我首先想到的是 WAF 可能会阻止特定的动词(即 PUT),即“REQUEST-911-METHOD-ENFORCMENT”More info here

但随后网络团队设法找到了该请求的日志 -

TimeGenerated: 2018-05-04T09:55:42Z
AzureDiagnostics 5/4/2018 10:55:42.000 AM AzureDiagnostics ApplicationGatewayFirewall ApplicationGatewayFirewallLog WAF-CPP-01 52.233.137.239 OWASP 3.0 200002 Blocked Global Access denied with code 400 (phase 2). Match of "eq 0" against "REQBODY_ERROR" required. JSON parsing error: parse error: invalid object key (must be a string)\x0a cpp.api.cardiff.gov.uk ApplicationGatewayRole_IN_0

$table AzureDiagnostics
TenantId 31c4d3f2-394f-4c06-833c-9d22912ec8ab
SourceSystem Azure
TimeGenerated 2018-05-04T09:55:42Z
Type AzureDiagnostics
ResourceId /SUBSCRIPTIONS/ECA58BF3-DF5E-41E6-B113-BB96E1EBC768/RESOURCEGROUPS/RG-CPP-COREINFRASTRUCTURE/PROVIDERS/MICROSOFT.NETWORK/APPLICATIONGATEWAYS/WAF-CPP-01
OperationName ApplicationGatewayFirewall
Category ApplicationGatewayFirewallLog
Resource WAF-CPP-01
ResourceGroup RG-CPP-COREINFRASTRUCTURE
ResourceProvider MICROSOFT.NETWORK
SubscriptionId eca58bf3-df5e-41e6-b113-bb96e1ebc768
clientIp_s 52.233.137.239
ruleSetType_s OWASP
ruleSetVersion_s 3.0
ruleId_s 200002
Message Mandatory rule. Cannot be disabled. Failed to parse request body.
action_s Blocked
site_s Global
details_message_s Access denied with code 400 (phase 2). Match of "eq 0" against "REQBODY_ERROR" required.
details_data_s JSON parsing error: parse error: invalid object key (must be a string)\x0a
hostname_s cpp.api.cardiff.gov.uk
instanceId_s ApplicationGatewayRole_IN_0
requestUri_s /Notification/api/Notification/
ResourceType APPLICATIONGATEWAYS
clientPort_d 0

AzureDiagnostics 5/4/2018 10:55:42.000 AM AzureDiagnostics ApplicationGatewayAccess ApplicationGatewayAccessLog WAF-CPP-01 ApplicationGatewayRole_IN_0 52.233.137.239 PUT

$table AzureDiagnostics
TenantId 31c4d3f2-394f-4c06-833c-9d22912ec8ab
SourceSystem Azure
TimeGenerated 2018-05-04T09:55:42Z
Type AzureDiagnostics
ResourceId /SUBSCRIPTIONS/ECA58BF3-DF5E-41E6-B113-BB96E1EBC768/RESOURCEGROUPS/RG-CPP-COREINFRASTRUCTURE/PROVIDERS/MICROSOFT.NETWORK/APPLICATIONGATEWAYS/WAF-CPP-01
OperationName ApplicationGatewayAccess
Category ApplicationGatewayAccessLog
Resource WAF-CPP-01
ResourceGroup RG-CPP-COREINFRASTRUCTURE
ResourceProvider MICROSOFT.NETWORK
SubscriptionId eca58bf3-df5e-41e6-b113-bb96e1ebc768
instanceId_s ApplicationGatewayRole_IN_0
clientIP_s 52.233.137.239
httpMethod_s PUT
requestUri_s /Notification/api/Notification/
requestQuery_s -
userAgent_s PostmanRuntime/7.1.1
httpVersion_s HTTP/1.1
sslEnabled_s on
host_s cpp.api.cardiff.gov.uk
ResourceType APPLICATIONGATEWAYS
clientPort_d 1,025
httpStatus_d 400
receivedBytes_d 1,360
sentBytes_d 185
timeTaken_d 56

该错误提到请求正文存在错误并且 JSON 不正确。但我的结局似乎一切都很好:/

我已经通过 swagger 和 postman 进行了测试。

最佳答案

我们的 WAF 刚刚遇到了这个问题。问题不在于 JSON 格式错误,而在于它太大。我一直无法找到构成大型 JSON 有效负载的确切数字,但如果请求的内容长度超过大约 120-150kb,就会发生这种情况。

关于Azure WAF 403 响应,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/50375252/

24 4 0
Copyright 2021 - 2024 cfsdn All Rights Reserved 蜀ICP备2022000587号
广告合作:1813099741@qq.com 6ren.com