Web Application Firewall is blocking a valid image upload

Article ID: CTX568725

Description

We have observed that files whose signature starts with "FFD8 FFE0" are allowed through the Web Application Firewall (WAF), but files whose signature starts with "FFD8 FFE1" are blocked.

Resolution

The typical signature for JPEG (JPG) images is "FFD8 FFE0" (also known as the Start of Image marker).

The signature "FFD8 FFE1" is not typical for JPEG files. It indicates the Application Segment 1 (APP1) marker instead. The APP1 marker stores application-specific data, and JPEG files use it to carry metadata such as Exif data or other application-specific information.
 
Web Application Firewall (WAF) does not treat "FFD8 FFE1" as a standard JPEG (JPG) image because doing so could result in potential security risks.
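To confirm which signature a blocked upload carries, the following added example (not Citrix code) formats the first four bytes the way this article quotes them and walks the header segments that follow the FFD8 Start of Image marker, reporting each APPn segment's identifier string (FFE0 is APP0, FFE1 is APP1). The function names and the two sample byte strings are constructed for illustration.

```python
import struct

# Names for the segment markers this example reports (values from the JPEG standard).
MARKERS = {0xE0: "APP0", 0xE1: "APP1", 0xDB: "DQT", 0xC0: "SOF0", 0xC4: "DHT", 0xDA: "SOS"}

# Constructed sample headers (not real images): a JFIF-style and an Exif-style start.
JFIF_SAMPLE = b"\xff\xd8" + b"\xff\xe0\x00\x10JFIF\x00\x01\x01\x00\x00\x01\x00\x01\x00\x00"
EXIF_SAMPLE = b"\xff\xd8" + b"\xff\xe1\x00\x08Exif\x00\x00"

def signature(data: bytes) -> str:
    """First four bytes, formatted like the signatures quoted in the article."""
    return f"{data[:2].hex().upper()} {data[2:4].hex().upper()}"

def jpeg_segments(data: bytes):
    """Return [(marker_name, identifier)] for header segments from SOI up to SOS."""
    if data[:2] != b"\xff\xd8":
        raise ValueError("missing FFD8 Start of Image marker")
    segments, pos = [], 2
    while pos + 4 <= len(data):
        if data[pos] != 0xFF:
            raise ValueError(f"expected a marker at offset {pos}")
        code = data[pos + 1]
        # The 16-bit big-endian length counts its own two bytes plus the payload.
        (length,) = struct.unpack(">H", data[pos + 2:pos + 4])
        if length < 2 or pos + 2 + length > len(data):
            raise ValueError(f"truncated or invalid segment at offset {pos}")
        payload = data[pos + 4:pos + 2 + length]
        # APPn payloads begin with a NUL-terminated identifier such as "JFIF" or "Exif".
        ident = ""
        if 0xE0 <= code <= 0xEF:
            ident = payload.split(b"\x00", 1)[0].decode("ascii", "replace")
        segments.append((MARKERS.get(code, f"FF{code:02X}"), ident))
        if code == 0xDA:  # compressed image data follows; stop walking
            break
        pos += 2 + length
    return segments

if __name__ == "__main__":
    for name, sample in (("jfif", JFIF_SAMPLE), ("exif", EXIF_SAMPLE)):
        print(name, signature(sample), jpeg_segments(sample))
```

Running it against a copy of the blocked file (read with `open(path, "rb").read()`) shows whether the upload starts with an APP1 segment and which identifier that segment carries.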
 

Problem Cause

Web Application Firewall (WAF) does not treat "FFD8 FFE1" as a standard JPEG (JPG) image because doing so could result in potential security risks.