JSON Protection Checks

NetScaler Web App Firewall protects your JSON applications from content-level DoS, SQL, or cross-site scripting attacks. When an JSON request has a DoS, SQL, or cross-site scripting attack, you must protection your application by configuring limits on JSON structures such as arrays and strings.


The JSON security checks apply only to content that is sent with a JSON content-type header. If the content-type header is missing, or is set to a different value, all JSON security checks are bypassed. If you want to protect your JSON applications, the webmasters of each web server that hosts those applications must ensure a proper JSON content-type header is sent.

The learning feature is not support for JSON SQL, cross-site scripting, DOS content types.

JSON Protection Checks

In this article