According to the documentation here
https://docs.apigee.com/api-platform/reference/policies/xml-threat-protection-policy
It says that the XMLThreatProtection policy can validate the XML against a .xsd
But I can't see anywhere in that link where it explains how to validate against a .xsd it only demonstrates checks on string and element limits with numbers.
Solved! Go to Solution.
Hmmm, I see you're right! I'm surprised but.. yes, the documentation for the XMLThreatProtection states that the policy can validate the XML against a .xsd. This statement in the documentation is incorrect! I'll get that fixed.
There is a MessageValidation policy that can validate the XML against a .xsd. But you cannot do that with the XMLThreatProtection policy. While the header on this documentation page reads "SOAP Message Validation", the policy validates more than just SOAP messages. It can validate any XML message against an XSD schema.
Hmmm, I see you're right! I'm surprised but.. yes, the documentation for the XMLThreatProtection states that the policy can validate the XML against a .xsd. This statement in the documentation is incorrect! I'll get that fixed.
There is a MessageValidation policy that can validate the XML against a .xsd. But you cannot do that with the XMLThreatProtection policy. While the header on this documentation page reads "SOAP Message Validation", the policy validates more than just SOAP messages. It can validate any XML message against an XSD schema.
This helps.
Can you please provide a repo having simple proxy with example and a link to get idea how to create xsd file easily
An XSD is a Schema - you need to author that schema yourself. You can use a text editor or something like XMLSpy or other tools for creating schema documents.
Here's a simple example proxy that shows how to validate an inbound message against an XSD.
I am not able to post a question in community, form is giving error. does any one have same, now?
@myara FYI
Yes, we're having a problem. We're working to fix it. I'm sorry about this.