Saturday, October 10, 2020

SAP API Management - JSON Threat Protection

Scenario: Allow only 5 properties within a JSON object

Steps:

1. Add an instance of JSON Threat Protection in Preflow for incoming request.

2. Modify the code as per requirement. A value of -1 indicates that the field value has no limits.

Code 

<JSONThreatProtection async="false" continueOnError="false" enabled="true" xmlns="http://www.sap.com/apimgmt">

                <ArrayElementCount>-1</ArrayElementCount>

                <ContainerDepth>-1</ContainerDepth>

                <ObjectEntryCount>5</ObjectEntryCount>

                <ObjectEntryNameLength>-1</ObjectEntryNameLength>

                <Source>request</Source>

                <StringValueLength>-1</StringValueLength>

</JSONThreatProtection>

3. Test the API. 

To enable JSON threat protection policy, you have to specify header 'Content-Type' as application/json

















Posted by at
Labels: ,

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)