This article describes how to configure allowed content types of HTTP request in Application Firewall on a NetScaler appliance.

Background

By default, HTTP requests with the following content types are processed by Application Firewall:

• application/x-www-form-urlencoded
• multipart/form-data

HTTP requests with the other content types are allowed to the backend server without any processing. You can configure the Application Firewall to allow some content types to the backend sever without processing and blocking the remaining content types.

Instructions

To add the allowed content types to an Application Firewall Profile, complete the following procedure:

1. Select Security > Application Firewall > Profiles from the Configuration utility of the appliance.

2. Open the Application Firewall profile, where a list of allowed content types must be set.

3. Select the Settings tab.

   

4. Click Manage Allowed Content Types.

5. Add the list of content types that you want to allow to the backend server without any processing.
   The other content types will be blocked.

To configure the preceding setup from the command line interface of the appliance, run the following command and bind the allowed content types to the profile:

bind appfw profile <profile_name> -ContentType <content_type>

Note: A content type provided in the allowed content types list is a regular expression.