How to: Limit user-defined parameter to a single context¶
In this example, the user wants to limit the parameter to a single context, like in a header or a query string. If the same variable appears in a different location, it will trigger the VIOL_PARAMETER_LOCATION violation.
{
"policy": {
"name": "user_defined_parameters_misc_test",
"template": {
"name": "POLICY_TEMPLATE_RATING_BASED"
},
"applicationLanguage": "utf-8",
"enforcementMode": "blocking",
"blocking-settings": {
"violations": [
{
"name": "VIOL_PARAMETER_NUMERIC_VALUE",
"learn": true,
"alarm": true,
"block": true
},
{
"name": "VIOL_PARAMETER_VALUE_LENGTH",
"learn": true,
"alarm": true,
"block": true
},
{
"name": "VIOL_PARAMETER_STATIC_VALUE",
"learn": true,
"alarm": true,
"block": true
},
{
"name": "VIOL_PARAMETER_DATA_TYPE",
"learn": true,
"alarm": true,
"block": true
},
{
"name": "VIOL_PARAMETER_LOCATION",
"learn": true,
"alarm": true,
"block": true
}
]
},
"parameters": [
{
"name": "headerparam",
"type": "explicit",
"parameterLocation": "header",
"mandatory": false,
"allowEmptyValue": false,
"allowRepeatedParameterName": false,
"sensitiveParameter": false,
"valueType": "user-input",
"dataType": "alpha-numeric",
"checkMinValueLength": false,
"checkMaxValueLength": false
}
]
}
}