appfwprofile_xmldosurl_binding¶
Binding object showing the xmldosurl that can be bound to appfwprofile.
Properties¶
(click to see Operations )
| Name | Data Type | Permissions | Description |
|---|---|---|---|
| xmlmaxelementdepthcheck | <String> | Read-write | State if XML Max element depth check is ON or OFF.
Possible values = ON, OFF |
| xmlmaxfilesize | <Double> | Read-write | Specify the maximum size of XML messages. Protects against overflow attacks.
Minimum value = 0 Maximum value = 1000000000 |
| xmlmaxnamespaceurilength | <Double> | Read-write | Specify the longest URI of any XML namespace. Protects against overflow attacks. |
| xmldosurl | <String> | Read-write | XML DoS URL regular expression length. |
| state | <String> | Read-write | Enabled.
Possible values = ENABLED, DISABLED |
| xmlsoaparraycheck | <String> | Read-write | State if XML SOAP Array check is ON or OFF.
Possible values = ON, OFF |
| xmlmaxelementnamelengthcheck | <String> | Read-write | State if XML Max element name length check is ON or OFF.
Possible values = ON, OFF |
| xmlmaxelementscheck | <String> | Read-write | State if XML Max elements check is ON or OFF.
Possible values = ON, OFF |
| xmlmaxentityexpansions | <Double> | Read-write | Specify maximum allowed number of entity expansions. Protects aganist Entity Expansion Attack. |
| xmlmaxattributes | <Double> | Read-write | Specify maximum number of attributes per XML element. Protects against overflow attacks. |
| xmlmaxfilesizecheck | <String> | Read-write | State if XML Max file size check is ON or OFF.
Possible values = ON, OFF |
| xmlmaxchardatalength | <Double> | Read-write | Specify the maximum size of CDATA. Protects against overflow attacks and large quantities of unparsed data within XML messages.
Minimum value = 0 Maximum value = 1000000000 |
| xmlmaxnamespacescheck | <String> | Read-write | State if XML Max namespaces check is ON or OFF.
Possible values = ON, OFF |
| xmlmaxnamespaces | <Double> | Read-write | Specify maximum number of active namespaces. Protects against overflow attacks. |
| xmlmaxattributenamelengthcheck | <String> | Read-write | State if XML Max attribute name length check is ON or OFF.
Possible values = ON, OFF |
| xmlblockdtd | <String> | Read-write | State if XML DTD is ON or OFF. Protects against recursive Document Type Declaration (DTD) entity expansion attacks. Also, SOAP messages cannot have DTDs in messages. .
Possible values = ON, OFF |
| xmlmaxattributevaluelength | <Double> | Read-write | Specify the longest value of any XML attribute. Protects against overflow attacks. |
| xmlmaxelementdepth | <Double> | Read-write | Maximum nesting (depth) of XML elements. This check protects against documents that have excessive hierarchy depths. |
| xmlmaxelementnamelength | <Double> | Read-write | Specify the longest name of any element (including the expanded namespace) to protect against overflow attacks. |
| name | <String> | Read-write | Name of the profile to which to bind an exemption or rule.
Minimum length = 1 |
| xmlblockpi | <String> | Read-write | State if XML Block PI is ON or OFF. Protects resources from denial of service attacks as SOAP messages cannot have processing instructions (PI) in messages.
Possible values = ON, OFF |
| xmlmaxelementchildrencheck | <String> | Read-write | State if XML Max element children check is ON or OFF.
Possible values = ON, OFF |
| xmlmaxelements | <Double> | Read-write | Specify the maximum number of XML elements allowed. Protects against overflow attacks. |
| xmlmaxentityexpansionscheck | <String> | Read-write | State if XML Max Entity Expansions Check is ON or OFF.
Possible values = ON, OFF |
| alertonly | <String> | Read-write | Send SNMP alert?.
Possible values = ON, OFF |
| xmlmaxnamespaceurilengthcheck | <String> | Read-write | State if XML Max namespace URI length check is ON or OFF.
Possible values = ON, OFF |
| xmlmaxentityexpansiondepthcheck | <String> | Read-write | State if XML Max Entity Expansions Depth Check is ON or OFF.
Possible values = ON, OFF |
| xmlmaxattributevaluelengthcheck | <String> | Read-write | State if XML Max atribute value length is ON or OFF.
Possible values = ON, OFF |
| xmlmaxsoaparraysize | <Double> | Read-write | XML Max Total SOAP Array Size. Protects against SOAP Array Abuse attack.
Minimum value = 0 Maximum value = 1000000000 |
| xmlmaxentityexpansiondepth | <Double> | Read-write | Specify maximum entity expansion depth. Protects aganist Entity Expansion Attack. |
| xmlmaxnodescheck | <String> | Read-write | State if XML Max nodes check is ON or OFF.
Possible values = ON, OFF |
| xmlmaxattributenamelength | <Double> | Read-write | Specify the longest name of any XML attribute. Protects against overflow attacks. |
| xmlmaxchardatalengthcheck | <String> | Read-write | State if XML Max CDATA length check is ON or OFF.
Possible values = ON, OFF |
| xmlminfilesizecheck | <String> | Read-write | State if XML Min file size check is ON or OFF.
Possible values = ON, OFF |
| xmlmaxelementchildren | <Double> | Read-write | Specify the maximum number of children allowed per XML element. Protects against overflow attacks. |
| xmlminfilesize | <Double> | Read-write | Enforces minimum message size.
Minimum value = 0 Maximum value = 1000000000 |
| xmlmaxnodes | <Double> | Read-write | Specify the maximum number of XML nodes. Protects against overflow attacks. |
| isautodeployed | <String> | Read-write | Is the rule auto deployed by dynamic profile ?.
Possible values = AUTODEPLOYED, NOTAUTODEPLOYED |
| comment | <String> | Read-write | Any comments about the purpose of profile, or other useful information about the profile. |
| xmlmaxattributescheck | <String> | Read-write | State if XML Max attributes check is ON or OFF.
Possible values = ON, OFF |
| xmlmaxsoaparrayrank | <Double> | Read-write | XML Max Individual SOAP Array Rank. This is the dimension of the SOAP array. |
| xmlblockexternalentities | <String> | Read-write | State if XML Block External Entities Check is ON or OFF. Protects against XML External Entity (XXE) attacks that force applications to parse untrusted external entities (sources) in XML documents.
Possible values = ON, OFF |
| __count | <Double> | Read-write | count parameter |
Operations¶
(click to see Properties )
- ADD
- DELETE
- GET
- GET (ALL)
- COUNT
Some options that you can use for each operations:
Getting warnings in response: NITRO allows you to get warnings in an operation by specifying the 'warning' query parameter as 'yes'. For example, to get warnings while connecting to the NetScaler appliance, the URL is as follows:
http:// <netscaler-ip-address> /nitro/v1/config/login?warning=yes
If any, the warnings are displayed in the response payload with the HTTP code '209 X-NITRO-WARNING'.
Authenticated access for individual NITRO operations: NITRO allows you to logon to the NetScaler appliance to perform individual operations. You can use this option instead of creating a NITRO session (using the login object) and then using that session to perform all operations,
To do this, you must specify the username and password in the request header of the NITRO request as follows:
X-NITRO-USER: <username>
X-NITRO-PASS: <password>
Note: In such cases, make sure that the request header DOES not include the following:
Cookie:NITRO_AUTH_TOKEN= <tokenvalue>
Note:
Mandatory parameters are marked in red and placeholder content is marked in green
add¶
URL: http:// <netscaler-ip-address /nitro/v1/config/appfwprofile_xmldosurl_binding
HTTP Method: PUT
Request Headers:
Cookie:NITRO_AUTH_TOKEN= <tokenvalue>
Content-Type:application/json
Request Payload:
{
"appfwprofile_xmldosurl_binding":{
<b> "name":<String_value>,
</b> "comment":<String_value>,
"state":<String_value>,
"xmldosurl":<String_value>,
"xmlmaxelementdepthcheck":<String_value>,
"xmlmaxelementdepth":<Double_value>,
"xmlmaxelementnamelengthcheck":<String_value>,
"xmlmaxelementnamelength":<Double_value>,
"xmlmaxelementscheck":<String_value>,
"xmlmaxelements":<Double_value>,
"xmlmaxelementchildrencheck":<String_value>,
"xmlmaxelementchildren":<Double_value>,
"xmlmaxnodescheck":<String_value>,
"xmlmaxnodes":<Double_value>,
"xmlmaxattributescheck":<String_value>,
"xmlmaxattributes":<Double_value>,
"xmlmaxattributenamelengthcheck":<String_value>,
"xmlmaxattributenamelength":<Double_value>,
"xmlmaxattributevaluelengthcheck":<String_value>,
"xmlmaxattributevaluelength":<Double_value>,
"xmlmaxchardatalengthcheck":<String_value>,
"xmlmaxchardatalength":<Double_value>,
"xmlmaxfilesizecheck":<String_value>,
"xmlmaxfilesize":<Double_value>,
"xmlminfilesizecheck":<String_value>,
"xmlminfilesize":<Double_value>,
"xmlblockpi":<String_value>,
"xmlblockdtd":<String_value>,
"xmlblockexternalentities":<String_value>,
"xmlmaxentityexpansionscheck":<String_value>,
"xmlmaxentityexpansions":<Double_value>,
"xmlmaxentityexpansiondepthcheck":<String_value>,
"xmlmaxentityexpansiondepth":<Double_value>,
"xmlmaxnamespacescheck":<String_value>,
"xmlmaxnamespaces":<Double_value>,
"xmlmaxnamespaceurilengthcheck":<String_value>,
"xmlmaxnamespaceurilength":<Double_value>,
"xmlsoaparraycheck":<String_value>,
"xmlmaxsoaparraysize":<Double_value>,
"xmlmaxsoaparrayrank":<Double_value>,
"isautodeployed":<String_value>
}}
Response:
HTTP Status Code on Success: 201 Created
HTTP Status Code on Failure: 4xx <string> (for general HTTP errors) or 5xx <string> (for NetScaler-specific errors). The response payload provides details of the error
delete¶
URL: http:// <netscaler-ip-address> /nitro/v1/config/appfwprofile_xmldosurl_binding/ name_value<String>
Query-parameters:
args
http:// <netscaler-ip-address> /nitro/v1/config/appfwprofile_xmldosurl_binding/ name_value<String> ? args=xmldosurl: <String_value>
HTTP Method: DELETE
Request Headers:
Cookie:NITRO_AUTH_TOKEN= <tokenvalue>
Response:
HTTP Status Code on Success: 200 OK
HTTP Status Code on Failure: 4xx <string> (for general HTTP errors) or 5xx <string> (for NetScaler-specific errors). The response payload provides details of the error
get¶
URL: http:// <netscaler-ip-address> /nitro/v1/config/appfwprofile_xmldosurl_binding/ name_value<String>
Query-parameters:
filter
http:// <netscaler-ip-address> /nitro/v1/config/appfwprofile_xmldosurl_binding/ name_value<String> ? filter=property-name1:property-value1,property-name2:property-value2
Use this query-parameter to get the filtered set of appfwprofile_xmldosurl_binding resources configured on NetScaler.Filtering can be done on any of the properties of the resource.
pagination
http:// <netscaler-ip-address> /nitro/v1/config/appfwprofile_xmldosurl_binding/ name_value<String> ? pagesize=#no;pageno=#no
Use this query-parameter to get the appfwprofile_xmldosurl_binding resources in chunks.
HTTP Method: GET
Request Headers:
Cookie:NITRO_AUTH_TOKEN= <tokenvalue>
Accept:application/json
Response:
HTTP Status Code on Success: 200 OK
HTTP Status Code on Failure: 4xx <string> (for general HTTP errors) or 5xx <string> (for NetScaler-specific errors). The response payload provides details of the error
Response Header:
Content-Type:application/json
Response Payload:
{ "appfwprofile_xmldosurl_binding": [ {
"xmlmaxelementdepthcheck":<String_value>,
"xmlmaxfilesize":<Double_value>,
"xmlmaxnamespaceurilength":<Double_value>,
"xmldosurl":<String_value>,
"state":<String_value>,
"xmlsoaparraycheck":<String_value>,
"xmlmaxelementnamelengthcheck":<String_value>,
"xmlmaxelementscheck":<String_value>,
"xmlmaxentityexpansions":<Double_value>,
"xmlmaxattributes":<Double_value>,
"xmlmaxfilesizecheck":<String_value>,
"xmlmaxchardatalength":<Double_value>,
"xmlmaxnamespacescheck":<String_value>,
"xmlmaxnamespaces":<Double_value>,
"xmlmaxattributenamelengthcheck":<String_value>,
"xmlblockdtd":<String_value>,
"xmlmaxattributevaluelength":<Double_value>,
"xmlmaxelementdepth":<Double_value>,
"xmlmaxelementnamelength":<Double_value>,
"name":<String_value>,
"xmlblockpi":<String_value>,
"xmlmaxelementchildrencheck":<String_value>,
"xmlmaxelements":<Double_value>,
"xmlmaxentityexpansionscheck":<String_value>,
"alertonly":<String_value>,
"xmlmaxnamespaceurilengthcheck":<String_value>,
"xmlmaxentityexpansiondepthcheck":<String_value>,
"xmlmaxattributevaluelengthcheck":<String_value>,
"xmlmaxsoaparraysize":<Double_value>,
"xmlmaxentityexpansiondepth":<Double_value>,
"xmlmaxnodescheck":<String_value>,
"xmlmaxattributenamelength":<Double_value>,
"xmlmaxchardatalengthcheck":<String_value>,
"xmlminfilesizecheck":<String_value>,
"xmlmaxelementchildren":<Double_value>,
"xmlminfilesize":<Double_value>,
"xmlmaxnodes":<Double_value>,
"isautodeployed":<String_value>,
"comment":<String_value>,
"xmlmaxattributescheck":<String_value>,
"xmlmaxsoaparrayrank":<Double_value>,
"xmlblockexternalentities":<String_value>
}]}
get (all)¶
URL: http:// <netscaler-ip-address> /nitro/v1/config/appfwprofile_xmldosurl_binding
HTTP Method: GET
Request Headers:
Cookie:NITRO_AUTH_TOKEN= <tokenvalue>
Accept:application/json
Query-parameters:
bulkbindings
http:// <netscaler-ip-address> /nitro/v1/config/appfwprofile_xmldosurl_binding? bulkbindings=yes
NITRO allows you to fetch bindings in bulk.
Note: get (all) method can be used only in conjuction with bulkbindings query parameter.
Response:
HTTP Status Code on Success: 200 OK
HTTP Status Code on Failure: 4xx <string> (for general HTTP errors) or 5xx <string> (for NetScaler-specific errors). The response payload provides details of the error
Response Header:
Content-Type:application/json
Response Payload:
{ "appfwprofile_xmldosurl_binding": [ {
"xmlmaxelementdepthcheck":<String_value>,
"xmlmaxfilesize":<Double_value>,
"xmlmaxnamespaceurilength":<Double_value>,
"xmldosurl":<String_value>,
"state":<String_value>,
"xmlsoaparraycheck":<String_value>,
"xmlmaxelementnamelengthcheck":<String_value>,
"xmlmaxelementscheck":<String_value>,
"xmlmaxentityexpansions":<Double_value>,
"xmlmaxattributes":<Double_value>,
"xmlmaxfilesizecheck":<String_value>,
"xmlmaxchardatalength":<Double_value>,
"xmlmaxnamespacescheck":<String_value>,
"xmlmaxnamespaces":<Double_value>,
"xmlmaxattributenamelengthcheck":<String_value>,
"xmlblockdtd":<String_value>,
"xmlmaxattributevaluelength":<Double_value>,
"xmlmaxelementdepth":<Double_value>,
"xmlmaxelementnamelength":<Double_value>,
"name":<String_value>,
"xmlblockpi":<String_value>,
"xmlmaxelementchildrencheck":<String_value>,
"xmlmaxelements":<Double_value>,
"xmlmaxentityexpansionscheck":<String_value>,
"alertonly":<String_value>,
"xmlmaxnamespaceurilengthcheck":<String_value>,
"xmlmaxentityexpansiondepthcheck":<String_value>,
"xmlmaxattributevaluelengthcheck":<String_value>,
"xmlmaxsoaparraysize":<Double_value>,
"xmlmaxentityexpansiondepth":<Double_value>,
"xmlmaxnodescheck":<String_value>,
"xmlmaxattributenamelength":<Double_value>,
"xmlmaxchardatalengthcheck":<String_value>,
"xmlminfilesizecheck":<String_value>,
"xmlmaxelementchildren":<Double_value>,
"xmlminfilesize":<Double_value>,
"xmlmaxnodes":<Double_value>,
"isautodeployed":<String_value>,
"comment":<String_value>,
"xmlmaxattributescheck":<String_value>,
"xmlmaxsoaparrayrank":<Double_value>,
"xmlblockexternalentities":<String_value>
}]}
count¶
URL: http:// <netscaler-ip-address> /nitro/v1/config/appfwprofile_xmldosurl_binding/ name_value<String> ? count=yes
HTTP Method: GET
Request Headers:
Cookie:NITRO_AUTH_TOKEN= <tokenvalue>
Accept:application/json
Response:
HTTP Status Code on Success: 200 OK
HTTP Status Code on Failure: 4xx <string> (for general HTTP errors) or 5xx <string> (for NetScaler-specific errors). The response payload provides details of the error
Response Header:
Content-Type:application/json
Response Payload:
{"appfwprofile_xmldosurl_binding": [ { "__count": "#no"} ] }