Regex Threat Protection Policy Configuration Values
The following configuration values can be defined while configuring the Regex Threat Protection policy on the Call Transformation page:
Note:
- Only pre-processing is applicable for this policy. Post-processing is not applicable.
- This policy supports only one entry for any given PreInput value. If you enter the same PreInput value more than once, only one value will be used.
| Field name | Type | Field Value | Required/Optional | Description |
|---|---|---|---|---|
| Processing Adapter | String | `com.mashery.proxy.protection.regex-threat-protection` | Required | Adapter that evaluates request content against a configured regular expression and rejects matching requests with HTTP 400. |
| Perform Pre-processing | Boolean | Enabled / Disabled | Required | When enabled, the policy inspects the request before forwarding it to the backend. Note: This policy only supports pre-processing. The post-processing toggle has no effect. |
| Data to make available for pre-processing (PreInput Values) | Map | | | |
| | String | `regex` | Optional | A regular expression used to detect malicious content. The policy uses full-string matching, so the entire evaluated string must match the pattern. Wrap the pattern with `.*` on both sides to detect substrings within larger strings. For example, use `.*(?i)(SELECT\|DROP\|UNION).*` rather than `(?i)(SELECT\|DROP\|UNION)`. |
| | Boolean | `caseSensitive` | Optional | When true, matching is case-sensitive. Note: Enabling case-sensitive matching may miss mixed-case attack variants such as `DrOp TaBlE`. Only enable case-sensitive matching when your use case specifically requires exact-case evaluation. Default: false. |
| | Boolean | `checkHeaders` | Optional | When true, evaluates the regex against request header names and values. Default: false. |
| | Boolean | `checkPath` | Optional | When true, evaluates the regex against the URL path and query parameter values (both URL-decoded). Query parameter keys are not decoded. Default: false. |
| | Boolean | `checkBody` | Optional | When true, evaluates the regex against the entire request body content. Default: false. |
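
A pre-deployment check for the full-string matching and `caseSensitive` behaviour described in the table, added here as an example and not part of the product or its documentation. It assumes Python's `re.fullmatch` is an adequate stand-in for the policy's matcher; `policy_blocks` and `diagnose` are hypothetical helper names, and the page's inline `(?i)` is expressed through the `case_sensitive` argument instead.

```python
import re

NEEDS_WRAP = "missed: pattern only matches a substring, wrap it in .*"
CASE_MISS = "missed: caseSensitive=true hides a mixed-case variant"

def policy_blocks(regex, value, case_sensitive=False):
    """Documented rule: the entire evaluated string must match the pattern."""
    # Assumption: re.fullmatch stands in for the policy's matcher
    # (the page does not name the regex engine).
    flags = 0 if case_sensitive else re.IGNORECASE
    return re.fullmatch(regex, value, flags) is not None

def diagnose(regex, value, case_sensitive=False):
    """Explain why a known-bad sample would or would not be rejected."""
    if policy_blocks(regex, value, case_sensitive):
        return "blocked"
    flags = 0 if case_sensitive else re.IGNORECASE
    if re.search(regex, value, flags):
        return NEEDS_WRAP  # a substring matches, the whole string does not
    if case_sensitive and re.search(regex, value, re.IGNORECASE):
        return CASE_MISS   # only a case-insensitive search finds it
    return "allowed"

UNWRAPPED = r"(SELECT|DROP|UNION)"
WRAPPED = r".*(SELECT|DROP|UNION).*"

# Constructed sample values, not taken from real traffic.
SAMPLES = [
    "id=1 UNION SELECT password FROM users",
    "DrOp TaBlE accounts",
    "status=open&page=2",
]

def report():
    """Run every sample against both patterns and both caseSensitive settings."""
    rows = []
    for regex in (UNWRAPPED, WRAPPED):
        for case_sensitive in (False, True):
            for value in SAMPLES:
                rows.append((regex, case_sensitive, value,
                             diagnose(regex, value, case_sensitive)))
    return rows

if __name__ == "__main__":
    for regex, case_sensitive, value, verdict in report():
        print(f"{regex!r:28} caseSensitive={case_sensitive!s:5} {value!r:42} -> {verdict}")
```
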
Configuration steps
Refer to Configuring Call Transformation for an Endpoint for more information on the configuration steps.