Multipart/form-data upload from HttpClient blocked by Azure Application Gateway WAF rule 920140 REQUEST-920-PROTOCOL-ENFORCEMENT #186

shawnz88 · 2023-02-15T15:57:18Z

How to reproduce:

MultipartFormDataContent form = new MultipartFormDataContent();
var message = new HttpRequestMessage();
var content = new MultipartFormDataContent();
content.Add(new StringContent("11111"), "AccountID");
content.Add(new StringContent("22222"), "MessageID");
content.Add(new StringContent("some message"), "MessageBody");

message.Method = HttpMethod.Post;
message.Content = content;
message.RequestUri = new Uri(apiEndpoint);
string token = await bt.GetCachedTokenAsync(cache);
message.Headers.Authorization = new AuthenticationHeaderValue("Bearer", token);

return await httpClient.SendAsync(message);

Azure Application Gateway will block the upload with rule 920140 because the message fails strict validation.

Expected result

The multipart/form-data upload by HttpClient should pass strict validation by WAF rule 920140.

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Multipart/form-data upload from HttpClient blocked by Azure Application Gateway WAF rule 920140 REQUEST-920-PROTOCOL-ENFORCEMENT #186

Multipart/form-data upload from HttpClient blocked by Azure Application Gateway WAF rule 920140 REQUEST-920-PROTOCOL-ENFORCEMENT #186

shawnz88 commented Feb 15, 2023 •

edited

Loading

Multipart/form-data upload from HttpClient blocked by Azure Application Gateway WAF rule 920140 REQUEST-920-PROTOCOL-ENFORCEMENT #186

Multipart/form-data upload from HttpClient blocked by Azure Application Gateway WAF rule 920140 REQUEST-920-PROTOCOL-ENFORCEMENT #186

Comments

shawnz88 commented Feb 15, 2023 • edited Loading

How to reproduce:

Expected result

shawnz88 commented Feb 15, 2023 •

edited

Loading