Skip to main content
Version: 8.2411.x.x RR

JsonFilter

JSON (i.e. JavaScript Object Notation) is a human-readable data format for describing objects, originally derived from JavaScript (see RFC 4627 for a detailed description). The JsonFilter checks if the requests containing JSON have a correct syntax and optionally, if they obey various constraints (e.g. maximal nesting depth of the elements).

Classname
ch::nevis::isiweb4::filter::validation::JsonFilter
Library
libInputValidationFilter.so.1
Default RequestFlags
+NEEDS_JSON_PARSING

Configuration

BlockOnError

Type: Enum
Possible values: on, off, log
Usage Constraint: optional, conditions are allowed
Supported pragams: break
Default: on

This parameter defines a list of conditions. The conditions determine for which requests the system must perform a JSON validation. Furthermore, the parameter specifies what to do if the request does not contain valid JSON data.

Condition:HEADER:Content-Type:application/json
on
off

The above sample makes sure that all requests with Content-Type header application/json contain valid JSON data. The system will only process these valid requests (on). All requests with another content type will be let through unvalidated (off). In case a request is blocked, the system answers with a response containing the status code set in the StatusCode parameter (see below), for example, 403 Access forbidden.

StatusCode

Type: Integer
Range: min: 1, max: 999 Usage Constraint: optional
Default: 403

Defines which HTTP status code should be sent back to the client, in case the request is blocked.

MaxElementNumber

Type: Integer
Usage Constraint: optional

Defines the maximum number of elements that the JSON structure may contain. A parent element with a nested child counts as two elements.

MaxElementSize

Type: Integer
Usage Constraint: optional

The maximum number of characters that any element value may contain.

MaxNestingDepth

Type: Integer
Usage Constraint: optional

The maximal depth in which JSON objects may be nested. If you set the value of MaxNestingDepth to more than 1000, it may cause the proxy to crash because of running out of memory.

ValidationSchemaPath

Type: String
Usage Constraint: optional

Path where the validation schema is located. No schema validation is performed if the path is not defined.

WhitelistRegexps

Type: String array
Usage Constraint: optional
Default: ([\x00-\x33\x35-\x5B\x5D-\xFFFF]|(\\[\\\"/bfnrt])|(\\u[0-9a-fA-F]{4}))*

List of regular expressions which all keys and values of the JSON should match (including numbers and literals like true, false, null). A default regular expression is provided for matching all valid JSON keys and values.

Example

Here is an example of a JSON schema which could be stored in the file referred by the ValidationSchemaPath parameter:

{
"description": "Display Object",
"type": "object",
"properties": {
"name": {
"type": "string"
},
"format": {
"type": "object",
"additionalProperties": false,
"properties": {
"width": {
"type": "integer"
},
"height": {
"type": "integer"
},
"interface": {
"type": "string",
"pattern": "^\[a-z\]+$"
},
"frame rates": {
"type": "integer",
"enum": [
50,
60,
72
]
}
}
}
}
}

And a corresponding JSON message could look like this:


{
"name": "primary display",
"format": {
"width": 1024,
"height": 768,
"interface": "vga",
"frame rates": 50
}
}
Example configuration

For a sample filter configuration, check the JSONFilter.example file in the examples directory.