| bindappfwprofile_xmldosurl |
Use this method to bind xmldosurl to appfw profile. |
Syntax |
Parameters |
name |
Name of the profile to which to bind an exemption or rule. This is mandatory parameter. |
xmldosurl |
Exempt the specified URL from the specified XML denial-of-service (XDoS) attack protections.
An XDoS exemption (relaxation) consists of the following items:
* URL. PCRE-format regular expression for the URL or URLs to be exempted.
* Maximum-element-depth-check toggle. ON to enable this check, OFF to disable it.
* Maximum-element-depth-check toggle. ON to enable, OFF to disable.
* Maximum-element-depth-check level. Positive integer representing the maximum allowed depth of nested XML elements.
* Maximum-element-name-length-check toggle. ON to enable, OFF to disable.
* Maximum element name length. Positive integer representing the maximum allowed length of XML element names.
* Maximum-number-of-elements-check toggle. ON to enable, OFF to disable.
* Maximum number of elements. Positive integer representing the maximum allowed number of XML elements.
* Maximum-number-of-element-children-check toggle. ON to enable, OFF to disable.
* Maximum number of element children. Positive integer representing the maximum allowed number of XML element children.
* Maximum-number-of-attributes-check toggle. ON to enable, OFF to disable.
* Maximum number of attributes. Positive integer representing the maximum allowed number of XML attributes.
* Maximum-attribute-name-length-check toggle. ON to enable, OFF to disable.
* Maximum attribute name length. Positive integer representing the maximum allowed length of XML attribute names.
* Maximum-attribute-value-length-check toggle. ON to enable, OFF to disable.
* Maximum attribute value length. Positive integer representing the maximum allowed length of XML attribute values.
* Maximum-character-data-length-check toggle. ON to enable, OFF to disable.
* Maximum character-data length. Positive integer representing the maximum allowed length of XML character data.
* Maximum-file-size-check toggle. ON to enable, OFF to disable.
* Maximum file size. Positive integer representing the maximum allowed size, in bytes. of attached or uploaded files.
* Minimum-file-size-check toggle. ON to enable, OFF to disable.
* Minimum file size. Positive integer representing the minimum allowed size, in bytes, of attached or uploaded files.
* Maximum-number-of-entity-expansions-check toggle. ON to enable, OFF to disable.
* Maximum number of entity expansions. Positive integer representing the maximum allowed number of XML entity expansions.
* Maximum-number-of XML-namespaces-check toggle. ON to enable, OFF to disable.
* Maximum number of XML namespaces. Positive integer representing the maximum allowed number of XML namespaces.
* Maximum-XML-namespace-URI-length-check toggle. ON to enable, OFF to disable.
* MaximumXML-namespace URI length. Positive integer representing the maximum allowed length of XML namespace URIs.
* Block-processing-instructions toggle. Block XML processing instructions. ON to enable, OFF to disable.
* Block-DTD toggle. Block design type documents (DTDs). ON to enable, OFF to disable.
* Block-external-XML-entitites toggle. ON to enable, OFF to disable.
* Maximum-SOAP-array-check toggle. ON to enable, OFF to disable.
* Maximum SOAP-array size. Positive integer representing the maximum allowed size of XML SOAP arrays.
* Maximum SOAP-array rank. Positive integer representing the maximum rank (dimensions) of any single XML SOAP array. |
xmlmaxelementdepthcheck |
State if XML Max Element Depth Check is ON or OFF. Default value = OFF. Possible Values : ON, OFF. |
xmlmaxelementdepth |
Maximum nesting (depth) of XML elements. This check protects against documents that have excessive depth of hierarchy. Default value = 256. Minimum value = 1. Maximum value = AS_MAX_INT_LEN. |
xmlmaxelementnamelengthcheck |
State if XML Max Element Name Length Check is ON or OFF. Default value = OFF. Possible Values : ON, OFF. |
xmlmaxelementnamelength |
Specify the longest name of any element (including the prefix for qualified element name) to protect against overflow attacks. Default value = 128. Minimum value = 1. Maximum value = AS_MAX_INT_LEN. |
xmlmaxelementscheck |
State if XML Max Elements Check is ON or OFF. Default value = OFF. Possible Values : ON, OFF. |
xmlmaxelements |
Specifying maximum number of elements protects against overflow attacks. Default value = 65535. Minimum value = 1. Maximum value = AS_MAX_INT_LEN. |
xmlmaxelementchildrencheck |
State if XML Max Element Children Check is ON or OFF. Default value = OFF. Possible Values : ON, OFF. |
xmlmaxelementchildren |
Specifying maximum number of children allowed per element protects against overflow attacks. Default value = 65535. Maximum value = AS_MAX_INT_LEN. |
xmlmaxnodescheck |
State if XML Max Nodes Check is ON or OFF. Default value = OFF. Possible Values : ON, OFF. |
xmlmaxnodes |
Specify the maximum number of nodes. Protects against overflow attacks. Default value = 65535. Maximum value = AS_MAX_INT_LEN. |
xmlmaxattributescheck |
State if XML Max Attributes Check is ON or OFF. Default value = OFF. Possible Values : ON, OFF. |
xmlmaxattributes |
Specify maximum number of attributes per element. Protects against overflow attacks. Default value = 256. Maximum value = AS_MAX_INT_LEN. |
xmlmaxattributenamelengthcheck |
State if XML Max Attribute Name Length Check is ON or OFF. Default value = OFF. Possible Values : ON, OFF. |
xmlmaxattributenamelength |
Specify the longest name of any attribute (including the prefix for qualified attribute name). Protects against overflow attacks. Default value = 128. Minimum value = 1. Maximum value = AS_MAX_INT_LEN. |
xmlmaxattributevaluelengthcheck |
State if XML Max Atribute Value Length is ON or OFF. Default value = OFF. Possible Values : ON, OFF. |
xmlmaxattributevaluelength |
Specify the longest value of any attribute. Protects against overflow attacks. Default value = 2048. Maximum value = AS_MAX_INT_LEN. |
xmlmaxchardatalengthcheck |
State if XML Max CDATA Length Check is ON or OFF. Default value = OFF. Possible Values : ON, OFF. |
xmlmaxchardatalength |
Maximum size of CDATA protects against overflow attacks and large unparsed data within XML messages. Default value = 65535. Maximum value = AS_MAX_POSTBODYLIMIT_XML. |
xmlmaxfilesizecheck |
State if XML Max File Size Check is ON or OFF. Default value = OFF. Possible Values : ON, OFF. |
xmlmaxfilesize |
Maximum size of the XML messages protects against overflow attacks. Default value = AS_DEFAULT_POSTBODYLIMIT. Minimum value = 4. Maximum value = AS_MAX_POSTBODYLIMIT_XML. |
xmlminfilesizecheck |
State if XML Min File Size Check is ON or OFF. Default value = OFF. Possible Values : ON, OFF. |
xmlminfilesize |
Enforces minimum message size. Default value = 9. Minimum value = 4. Maximum value = AS_MAX_POSTBODYLIMIT_XML. |
xmlblockpi |
State if XML Block PI is ON or OFF. Protects resources from denial of service attacks as SOAP messages can not have Processing Instruction (PI) in the message. Default value = OFF. Possible Values : ON, OFF. |
xmlblockdtd |
State if XML DTD is ON or OFF. Protects against recursive Document Type Declaration (DTD) entity expansion attacks. Also, SOAP messages can not have DTD in the message. Default value = OFF. Possible Values : ON, OFF. |
xmlblockexternalentities |
State if XML Block External Entities Check is ON or OFF. Protects against XML External Entity (XXE) attacks that force applications to parse untrusted external entities (sources) in XML documents. Default value = OFF. Possible Values : ON, OFF. |
xmlmaxentityexpansionscheck |
State if XML Max Entity Expansions Check is ON or OFF. Default value = OFF. Possible Values : ON, OFF. |
xmlmaxentityexpansions |
Specify maximum allowed number of entity expansions. Protects aganist Entity Expansion Attack. Default value = 512. Maximum value = 1024. |
xmlmaxentityexpansiondepthcheck |
State if XML Max Entity Expansions Depth Check is ON or OFF. Default value = OFF. Possible Values : ON, OFF. |
xmlmaxentityexpansiondepth |
Specify maximum entity expansion depth. Protects aganist Entity Expansion Attack. Default value = 8. Maximum value = 24. |
xmlmaxnamespacescheck |
State if XML Max Namespaces Check is ON or OFF. Default value = OFF. Possible Values : ON, OFF. |
xmlmaxnamespaces |
Specify maximum number of active namespaces. Protects against overflow attacks. Default value = 16. Maximum value = 512. |
xmlmaxnamespaceurilengthcheck |
State if XML Max Namspace URI Length Check is ON or OFF. Default value = OFF. Possible Values : ON, OFF. |
xmlmaxnamespaceurilength |
Specify the longest URI of any XML namespace. Protects against overflow attacks. Default value = 256. Maximum value = AS_MAX_INT_LEN. |
xmlsoaparraycheck |
State if XML SOAP Array check is ON or OFF. Default value = OFF. Possible Values : ON, OFF. |
xmlmaxsoaparraysize |
XML Max Total SOAP Array Size. Protects against SOAP Array Abuse attack. Default value = AS_DEFAULT_POSTBODYLIMIT. Maximum value = AS_MAX_POSTBODYLIMIT_XML. |
xmlmaxsoaparrayrank |
XML Max Total SOAP Array Rank. Protects against SOAP Array Abuse attack. Default value = 16. Maximum value = 32. |
Return Value |
Returns simpleResult |
See Also |