Excluding fields from RegularExpressionProtection

Hi,

I’m using the “RegularExpressionProtection” policy in my proxy, as shown below. This works fine; however, I have certain fields in the request which I want to exclude (I don’t want this policy to trigger on them). However, I couldn’t find any way of achieving this in the documentation. Could you please suggest what options are available to me?

<RegularExpressionProtection name="RegularExpressionProtection">
  <Source>request</Source>
  <JSONPayload escapeSlashCharacter="true">
    <JSONPath>
      <Expression>$.</Expression>
      <!-- "<" and ">" inside a Pattern must be written as entities, otherwise the policy file is not well-formed XML -->
      <Pattern>&lt;\s*script\b[^&gt;]*&gt;[^&lt;]+&lt;\s*\/\s*script\s*&gt;</Pattern>
      <Pattern>n\s*\\\\\s*slash</Pattern>
      <Pattern>n\s*\/\s*slash</Pattern>
      <Pattern>n\s*\\"\s*quotes</Pattern>
      <Pattern>n\s*\\b\s*space</Pattern>
      <Pattern>n\s*\\f\s*forwardfeed</Pattern>
      <Pattern>n\s*\\n\s*newline</Pattern>
      <Pattern>n\s*\\r\s*carria</Pattern>
      <Pattern>n\s*\\t\s*tab</Pattern>
      <Pattern>n\s*\\uFFFF\s*hex</Pattern>
      <Pattern>[\s]*((delete)|(exec)|(drop\s*table)|(insert)|(shutdown)|(update)|(\bor\b))</Pattern>
      <Pattern>&lt;!--#(include|exec|echo|config|printenv)\s+.*</Pattern>
    </JSONPath>
  </JSONPayload>
</RegularExpressionProtection>

Cheers,

Mahesh

3 REPLIES

Not applicable

In that case it's better to use a JavaScript or Java callout.

Do you have any sample code that you can share or resource link I can refer to?

If you know exactly which fields to exclude, you could copy the request message into another variable (e.g., requestSubset) and then delete from this variable the fields you want to exclude. You can use the AssignMessage policy to do this.

You could then apply the RegexThreat policy on requestSubset
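
The copy-then-delete approach from the replies, written as a JavaScript callout. This is an added example, not code from the thread or from Apigee; the excluded field names, the sample body, and scanning the resulting `requestSubset` variable through the policy's `<Variable name="requestSubset">` element are assumptions.

```javascript
// Added example (ES5, for Apigee's Rhino engine). Names below are assumptions.
var EXCLUDED = ['profile.bio', 'items.note']; // hypothetical free-text fields

// Constructed sample body: bio and note would trip the thread's SQL keyword pattern.
var SAMPLE = '{"name":"Asha","profile":{"bio":"I update and delete old posts",' +
  '"city":"Pune"},"items":[{"sku":"A1","note":"insert card or cash"}]}';

// Delete the field addressed by `parts` under `node`; arrays are walked per element.
function removePath(node, parts) {
  if (node === null || typeof node !== 'object') { return; }
  if (Array.isArray(node)) {
    node.forEach(function (el) { removePath(el, parts); });
    return;
  }
  if (parts.length === 1) {
    delete node[parts[0]];
  } else if (Object.prototype.hasOwnProperty.call(node, parts[0])) {
    removePath(node[parts[0]], parts.slice(1));
  }
}

// Return the payload as a JSON string with the excluded fields removed.
// Unparseable input is returned unchanged, so it is still scanned in full.
function buildSubset(content, excluded) {
  var doc;
  try {
    doc = JSON.parse(content);
  } catch (e) {
    return content;
  }
  excluded.forEach(function (p) { removePath(doc, p.split('.')); });
  return JSON.stringify(doc);
}

// Inside Apigee the `context` object exists; elsewhere this step is skipped.
if (typeof context !== 'undefined') {
  context.setVariable('requestSubset',
    buildSubset(context.getVariable('request.content') || '', EXCLUDED));
}
```

Fields on the exclusion list are not scanned at all, so keep the list as short as possible and validate those fields by other means.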