Is there any limitation on Patch requests on Azure Application Gateway?

Copper Contributor
I have an Azure Application Gateway (WAF mode is detection) and a web application in the backend in my edge network. Everything works well, but I have an issue with a "Patch" request. When I sent this request I received:
 
400 Bad Request
Microsoft-Azure-Application-Gateway/v2
 
I didn't have this issue in another environment without Azure Application Gateway (WAF mode detection).
 
I wanna know if there is any limitation on the Patch request.
2 Replies

@mohsen_akhavan 

 

Take consideration on this:

 

  • Request Size Limits: Azure Application Gateway Web Application Firewall (WAF) allows you to configure request size limits. If your “Patch” request exceeds these limits, the gateway could result in a “400 Bad Request” error
  • WAF Mode:  In “detection" mode, the WAF inspects requests but doesn’t block. However, it’s essential to check if any specific rules or configurations are affecting “Patch” request
Application Gateway WAF will not result in HTTP 400 response. If you have been blocked by WAF you will see 403. In your case your WAF is in detection mode so it will not take any action and will just log it.

HTTP 400 can be returned in few cases such as mutual authentication issues of sending requests that are not RFC compliant. Check this document for examples: https://learn.microsoft.com/en-us/azure/application-gateway/http-response-codes#400--bad-request