ADC

JSON content types

September 14, 2021

Contributed by:

By default, the Web App Firewall treats files with the content type “application/json” as JSON files.The default setting enables the Web App Firewall to recognize JSON content in requests and responses, and to handle that content appropriately.

You can configure the Web App Firewall to examine web content for additional strings or patterns that indicate that those files are JSON files. This can ensure that the Web App Firewall recognizes all JSON content on your site, even if certain JSON content does not follow normal JSON naming conventions, ensuring that JSON content is subjected to JSON security checks.

To configure the JSON content types, you add the appropriate patterns to the JSON Content Types list. You can enter a content type as a string, or you can enter a PCRE-compatible regular expression specifying one or more strings. You can also modify the existing JSON content types patterns.

To add a JSON content type pattern by using the command line interface

At the command prompt, type the following commands:

add appfw JSONContentType <JSONContenttypevalue> [-isRegex ( REGEX | NOTREGEX )]
save ns config

Example

The following example adds the pattern .*/json to the JSON Content Types list and designates it as a regular expression.

add appfw JSONContentType ".*/json" -isRegex REGEX
<!--NeedCopy-->

To configure the JSON content type list by using the GUI

Navigate to Security > Application Firewall.
In the details pane, under Settings, click Manage JSON Content Types.
In the Manage JSON Content Types dialog box, do one of the following:
- To add a new JSON content type, click Add.
- To modify an existing JSON content type, select that type and then click Edit. The Configure Web App Firewall JSON Content Type dialog appears. Note: If you select an existing JSON content type pattern and then click Add, the dialog box displays the information for that JSON content type pattern. You can modify that information to create your new JSON content type pattern.
In the dialog box, fill out the elements. They are:
- IsRegex. Select or clear to enable PCRE-format regular expressions in the form field name.
- JSON Content Type Enter a literal string or PCRE-format regular expression that matches the JSON content type pattern that you want to add.
Click Create or OK.
To remove a JSON content type pattern from the list, select it, then click Remove to remove it, and then click OK to confirm your choice.
When you have finished adding and removing XML content type patterns, click Close.

The official version of this content is in English. Some of the Cloud Software Group documentation content is machine translated for your convenience only. Cloud Software Group has no control over machine-translated content, which may contain errors, inaccuracies or unsuitable language. No warranty of any kind, either expressed or implied, is made as to the accuracy, reliability, suitability, or correctness of any translations made from the English original into any other language, or that your Cloud Software Group product or service conforms to any machine translated content, and any warranty provided under the applicable end user license agreement or terms of service, or any other agreement with Cloud Software Group, that the product or service conforms with any documentation shall not apply to the extent that such documentation has been machine translated. Cloud Software Group will not be held responsible for any damage or issues that may arise from using machine-translated content.

JSON content types

September 14, 2021

Contributed by:

September 14, 2021

Contributed by:

JSON content types

To add a JSON content type pattern by using the command line interface

Example

To configure the JSON content type list by using the GUI

In this article