JsonFilter
JSON (i.e. JavaScript Object Notation) is a human-readable data format for describing objects, originally derived from JavaScript (see RFC 4627 for a detailed description). The JsonFilter checks if the requests containing JSON have a correct syntax and optionally, if they obey various constraints (e.g. maximal nesting depth of the elements).
Classname
ch::nevis::isiweb4::filter::validation::JsonFilter
Library
libInputValidationFilter.so.1
Configuration
Name | Type, Usage Constraints, Defaults | Description |
---|---|---|
BlockOnError | enum (on/off/log); optional, basic, conditional; default: on; Supported Pragmas: break | This parameter defines a list of conditions. The conditions determine for which requests the system must perform a JSON validation. Furthermore, the parameter specifies what to do if the request does not contain valid JSON data. Syntax: on/off/log Sample: Condition:HEADER:Content-Type:application/json on off The above sample makes sure that all requests with "Content-Type header = application/json" contain valid JSON data (as per the configured condition). The system will only process these valid requests ("on"). All requests with another content type will be let through unvalidated ("off"). In case a request is blocked, the system answers with a response containing the status code set in the StatusCode parameter (see below), for example, "403 Access forbidden". |
StatusCode | string; required, basic; min: 1, max: 999; default: 403 | Defines which HTTP status code should be sent back to the client, in case the request is blocked. |
MaxElementNumber | integer; optional | Defines the maximum number of elements that the JSON structure may contain. Note: a parent element with a nested child counts as two elements. |
MaxElementSize | integer; optional | The maximum number of characters that any element value may contain. |
MaxNestingDepth | integer; optional | The maximal depth in which JSON objects may be nested. If you set the value of MaxNestingDepth to more than 1000, it may cause the proxy to crash because of running out of memory. |
ValidationSchemaPath | string; optional | Path where the validation schema is located. No schema validation is performed if the path is not defined. |
WhitelistRegexps | string array; optional | List of regular expressions which all keys and values of the JSON should match (including numbers and literals like true, false, null). A default regular expression is provided for matching all valid JSON keys and values. |
And here is an example of a JSON schema which could be stored in the file referred by the ValidationSchemaPath parameter:
{
"description": "Display Object",
"type": "object",
"properties": {
"name": {
"type": "string"
},
"format": {
"type": "object",
"additionalProperties": false,
"properties": {
"width": {
"type": "integer"
},
"height": {
"type": "integer"
},
"interface": {
"type": "string",
"pattern": "^\[a-z\]+$"
},
"frame rates": {
"type": "integer",
"enum": [
50,
60,
72
]
}
}
}
}
}
And a corresponding JSON message could look like this:
{
"name": "primary display",
"format": {
"width": 1024,
"height": 768,
"interface": "vga",
"frame rates": 50
}
}
Example configuration
For a sample filter configuration, check the JSONFilter.example file in the examples directory.