In regular expression protection policy,Does json ...

Report Inappropriate Content · 02-24-2016 07:35 PM

Request body:

{ "function_name": "ADD_TDC", "proj_id": "SER00001", "extraction_date" : "2015-11-16", "test_data_characteristic_id" : "MYC09", "test_case_id" : "TC6", "test_data": ["100261023","123"," "], "number_of_test_accounts" : 10, "test_data": "100261023", "test_workarea" : "SRVCIT01", "test_region" : "VT" }

Error message:

{"fault":"{\"detail\":{\"errorcode\":\"steps.regexprotection.ExecutionFailed\"},\"faultstring\":\"Failed to execute the RegularExpressionProtection StepDefinition TstDatamgmt_RegExpProtection_JSONPayload. Reason: Unexpected duplicate key:test_data at position 225.\"}"}

XML Policy :

<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
<RegularExpressionProtection async="false" continueOnError="false" enabled="true" name="TstDatamgmt_RegExpProtection_JSONPayload">
  <DisplayName>TstDatamgmt_RegExpProtection_JSONPayload</DisplayName>
  <FaultRules/>
  <Properties/>
  <IgnoreUnresolvedVariables>false</IgnoreUnresolvedVariables>
  <JSONPayload>
    <JSONPath>
      <Expression>$.</Expression>
      <Pattern ignoreCase="true">\b(ALTER( +TABLE){1,1}|CREATE( +TABLE| +INDEX| +DB| +DATABASE| +VIEW){1,1}|(DELETE[*\s+]+FROM)|DROP( +TABLE| +INDEX| +DB| +DATABASE){1,1}|TRUNCATE( +TABLE){1,1}|EXEC(UTE){0,1}|INSERT( +INTO){1,1}|MERGE|((SELECT)(\s+[\S,\s]+\s+))(FROM)|(UPDATE)(\s+[\S,\s]+\s)(SET)|UNION\s*( +ALL){0,1})\b</Pattern>
      <Pattern ignoreCase="true">\b(include|exec|echo|config|printenv)\b</Pattern>
      <Pattern ignoreCase="true"><\s*script\b[^>]*>[^<]+<\s*/\s*script\s*></Pattern> 
    </JSONPath>
  </JSONPayload>
</RegularExpressionProtection>

sidd-harth

Hi @krishnakumar ,you cannot use the same name.

The following entity properties are used as primary keys,

UUID
name

For more info on entity types, kindly visit the below link...

http://docs.apigee.com/app-services/content/default-data-entities

anilsr

@Barahalikar Siddharth , Above question talks about Regular expression protection policy, Your answer is about Apigee BaaS.

anilsr

@krishnakumar , Can you please post the regular expression protection policy xml ?

Report Inappropriate Content

<?xml version="1.0" encoding="UTF-8" standalone="yes"?> <RegularExpressionProtection async="false" continueOnError="false" enabled="true" name="TstDatamgmt_RegExpProtection_JSONPayload"> <DisplayName>TstDatamgmt_RegExpProtection_JSONPayload</DisplayName> <FaultRules/> <Properties/> <IgnoreUnresolvedVariables>false</IgnoreUnresolvedVariables> <JSONPayload> <JSONPath> <Expression>$.</Expression>   <Pattern ignoreCase="true">\b(ALTER( +TABLE){1,1}|CREATE( +TABLE| +INDEX| +DB| +DATABASE| +VIEW){1,1}|(DELETE[*\s+]+FROM)|DROP( +TABLE| +INDEX| +DB| +DATABASE){1,1}|TRUNCATE( +TABLE){1,1}|EXEC(UTE){0,1}|INSERT( +INTO){1,1}|MERGE|((SELECT)(\s+[\S,\s]+\s+))(FROM)|(UPDATE)(\s+[\S,\s]+\s)(SET)|UNION\s*( +ALL){0,1})\b</Pattern>  <Pattern ignoreCase="true">\b(include|exec|echo|config|printenv)\b</Pattern>  <Pattern ignoreCase="true"><\s*script\b[^>]*>[^<]+<\s*/\s*script\s*></Pattern> </JSONPath> </JSONPayload> </RegularExpressionProtection>

agrawalneeraj43

Hi @krishnakumar,

I had a look at your request body, I found that it is not valid itself as you have two key fields named test_data in it viz. "test_data": ["100261023", "123", " "], and "test_data": "100261023" which is not acceptable. Hence the policy failed

Cheers,

Neeraj

In regular expression protection policy,Does json payload allows repeated keys.For post method ,i tried to send the json which has 2 values with same name.The policy is showing error.how to resolve it,please help me