Read Headers and Query Parameter at Policy Level

Report Inappropriate Content · 06-15-2016 06:21 PM

I am using Regular Expression Policy to apply the patterns for Threat Protection where I should have to map each of header names and query parameters which applicable for my services. Is there anyway i can loop through all headers and query parameters regardless of service call. I am fine custom scripts instead of regular expression policy. Thanks !! It would be great help if i get samples.

anilsr

@Kumaresan Sithambaram , Javascript policy should help you do that easily. Have you tried with JS policy ? See similar question asked here and here.

Report Inappropriate Content

Yes, I see In general how to read headers using JS. But, my scenario is how to read them and use in Regular Express policies to validate Patterns ?

anilsr

Dear @Kumaresan Sithambaram ,

Regular expression policy supports threat protection on query params, headers, payload, custom flow variables. You can check policy documentation here for same.

You need to specify which query params you would like to check for threat protection. If you are looking for something like a loop / universal match for query params where all query params are validated against a regular expression, I am afraid it's not available as of today in the regular expression policy. You need to use JS callout to do same using javascript.