Syvizo

Handle JSON Threat



When to use

Use this policy when you have an API that accepts JSON and you want to ensure that the JSON contents are safe to process.



Details

Like XML-based services, APIs that consume JavaScript Object Notation (JSON) are susceptible to content-level attacks. Simple JSON attacks target the parser with structures that overwhelm it, such as deeply nested objects, very large arrays, objects with an enormous number of keys, or extremely long names and values, potentially crashing the service and enabling an application-level denial of service. Every limit in this policy is optional, but each one should be set deliberately to the largest structure the service legitimately needs to accept; an unset limit provides no protection, while a tuned limit rejects oversized payloads before they reach the application's parser.


You can mitigate these risks by adding this policy to the endpoints that process JSON content.


Configuration

The configuration fields for the policy are:

[* Indicates a mandatory field]

Name *: Display name of the policy

Description: Description of policy

Enabled: Flag to indicate if the policy is enabled. If this field is not checked, the policy will be ignored at runtime and any fields from its output will contain a default initial value

Continue on Error: Flag to indicate that the flow should continue even if this policy throws an error

Array Length: Maximum number of elements allowed in a JSON array

Object Depth: Maximum allowed nesting depth of objects. For example, if an object contains another object, then the depth is 2

Object member count: Maximum number of members (keys) allowed in a JSON object

Field Name Length: Maximum string length of a field name (key)

Field Value Length: Maximum string length of a field value



Input fields

source: JSON that needs to be evaluated for threats



Output fields

result: true if the JSON passes all threat checks, otherwise false

message: Describes the threat found, if any; otherwise an empty string
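The following is an added example, not Syvizo's own implementation, showing how the configuration limits above can be enforced and how they map onto the result and message output fields. It assumes hypothetical names (JsonThreatLimits, check_json_threat) and treats both objects and arrays as contributing to nesting depth. The key design point is that the limits are checked in a single pass over the raw text, before the document is handed to a real JSON parser, so a hostile payload is rejected without ever building a tree.

```python
import json
from dataclasses import dataclass


@dataclass(frozen=True)
class JsonThreatLimits:
    """Limits mirroring the policy's configuration fields (names are this example's own)."""
    array_length: int = 100          # max elements in any array
    object_depth: int = 10           # max container nesting; a top-level object is depth 1
    object_member_count: int = 50    # max keys in any object
    field_name_length: int = 64      # max characters in a key (measured on the raw, escaped text)
    field_value_length: int = 1024   # max characters in a string value (raw, escaped text)


def check_json_threat(source: str, limits: JsonThreatLimits) -> tuple[bool, str]:
    """Scan `source` for limit violations before handing it to a real JSON parser.

    Returns (result, message) like the policy's output fields: (True, "") when the
    document passes, otherwise (False, <description of the first violation>).
    The scan only tracks container structure and counts, so an oversized or deeply
    nested payload is rejected in O(n) time without allocating a parsed tree.
    """
    # Each stack entry is [kind, count, expecting_key]; kind is "obj" or "arr".
    stack: list[list] = []
    i, n = 0, len(source)

    def start_value() -> None:
        # Called at the start of every value; enforces array length on the enclosing array.
        if stack and stack[-1][0] == "arr":
            stack[-1][1] += 1
            if stack[-1][1] > limits.array_length:
                raise ValueError(f"array length {stack[-1][1]} exceeds {limits.array_length}")

    try:
        while i < n:
            c = source[i]
            if c in " \t\r\n":
                i += 1
            elif c in "{[":
                start_value()
                stack.append(["obj" if c == "{" else "arr", 0, True])
                if len(stack) > limits.object_depth:
                    raise ValueError(f"object depth {len(stack)} exceeds {limits.object_depth}")
                i += 1
            elif c in "}]":
                if not stack:
                    raise ValueError("unbalanced closing bracket")
                stack.pop()
                i += 1
            elif c == '"':
                # Read a string literal, skipping over backslash escapes.
                j = i + 1
                while j < n and source[j] != '"':
                    j += 2 if source[j] == "\\" else 1
                if j >= n:
                    raise ValueError("unterminated string")
                text = source[i + 1:j]
                is_key = bool(stack) and stack[-1][0] == "obj" and stack[-1][2]
                if is_key:
                    stack[-1][1] += 1
                    if stack[-1][1] > limits.object_member_count:
                        raise ValueError(
                            f"object member count {stack[-1][1]} exceeds {limits.object_member_count}")
                    if len(text) > limits.field_name_length:
                        raise ValueError(
                            f"field name length {len(text)} exceeds {limits.field_name_length}")
                else:
                    start_value()
                    if len(text) > limits.field_value_length:
                        raise ValueError(
                            f"field value length {len(text)} exceeds {limits.field_value_length}")
                i = j + 1
            elif c == ":":
                if stack and stack[-1][0] == "obj":
                    stack[-1][2] = False   # the next string is a value, not a key
                i += 1
            elif c == ",":
                if stack and stack[-1][0] == "obj":
                    stack[-1][2] = True    # the next string is a key
                i += 1
            else:
                # number, true, false or null: skip to the next delimiter
                start_value()
                j = i
                while j < n and source[j] not in ",]} \t\r\n":
                    j += 1
                i = j
        if stack:
            raise ValueError("unterminated container")
        # Structure is now within limits, so a full syntax check is safe.
        # json.JSONDecodeError is a subclass of ValueError.
        json.loads(source)
    except ValueError as exc:
        return False, str(exc)
    return True, ""


if __name__ == "__main__":
    # Constructed sample payloads: a benign document and a nesting attack.
    print(check_json_threat('{"user": "alice", "tags": ["a", "b"]}', JsonThreatLimits()))
    print(check_json_threat("[" * 50 + "]" * 50, JsonThreatLimits()))
```

Two caveats a practitioner would want: the scan is lenient about syntax (it only needs enough structure to count), so the final json.loads is what actually rejects malformed input, and nothing here bounds the total request size, so a body-size limit should sit in front of this check.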