This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Log in to ask a question
Log in to ask a question

How to customize Error when threat is detected at Regular Expression Protection policy ?

Posted on 06-06-2016 09:26 AM
Not applicable
Reply posted on --/--/---- --:-- AM

I have Threat Protection policy which included both SQL and XSS patterns. But, when threat identified, the fault error returns my pattern in the error response. I would like to customize the error when threat detected. How can i achieve that ? I have created a fault rule and check the condition on ProxyEndpoint flow, and added the Raise Fault after the Threat protection policy. But Fault is not reachable. 

<ProxyEndpoint name="default">
    <Description/>
    <FaultRules>
        <FaultRule name="Header-Fault-rule">
            <Condition>(fault.name = "ExecutionFailed")</Condition>
            <Step>
                <Name>Threat-Protection-Fault</Name>
            </Step>
        </FaultRule>
    </FaultRules>
    <PreFlow name="PreFlow">
        <Request>
	 <Step>               
                <Name>Thread Protection</Name>
         </Step>
  	 <Step>
                <Name>Threat-Protection-Fault</Name>
         </Step>
.
.
.

Default Error by Threat Protection Policy:

{"fault": {
   "faultstring": "Regular Expression Threat Detected in Thread Protection: regex: [\\s]*((delete)|(exec)|(drop\\s*table)|(insert)|(shutdown)|(update)|(\\bor\\b)) input: delete",
   "detail": {"errorcode": "steps.regexprotection.ThreatDetected"}
}}
0 1 562
Topic Labels
0 Likes
1 REPLY 1

Posted on --/--/---- --:-- AM
Not applicable
Reply posted on --/--/---- --:-- AM

Have a look at this article on handling policy faults : http://docs.apigee.com/api-services/content/fault-handling#handlingpolicyfaultswithinthecurrentflow

0 Likes
Top Solution Authors
View all