How to: Configure user-defined text and query parameters

In the following example, we configure two parameters. The first one, text, takes string values (here configured as alpha-numeric), and limits the length of the allowed string between 4 and 8 characters. Any string below or above these values will trigger the violation VIOL_PARAMETER_VALUE_LENGTH. Note that we enable this violation to block the violating request.

The second parameter, query, is added to the policy just to avoid a false positive condition due to a specific signature, 200002835. Suppose you realized that whenever this signature is detected on this parameter, it was false positive. You would like to disable this signature, but only in the context of this parameter. The signature will still be detected on values of other parameters.

{
    "policy": {
        "name": "user_defined_parameters_data_types",
        "template": {
            "name": "POLICY_TEMPLATE_RATING_BASED"
        },
        "applicationLanguage": "utf-8",
        "enforcementMode": "blocking",
        "blocking-settings": {
            "violations": [
                {
                    "name": "VIOL_PARAMETER_VALUE_LENGTH",
                    "alarm": true,
                    "block": true
                }
            ]
        },
        "parameters": [
            {
                "name": "text",
                "type": "explicit",
                "parameterLocation": "any",
                "mandatory": false,
                "allowEmptyValue": false,
                "allowRepeatedParameterName": false,
                "sensitiveParameter": false,
                "valueType": "user-input",
                "dataType": "alpha-numeric",
                "checkMinValueLength": true,
                "checkMaxValueLength": true,
                "minimumLength": 4,
                "maximumLength": 8
            },
            {
                "name": "query",
                "type": "explicit",
                "valueType": "user-input",
                "dataType": "alpha-numeric",
                "signatureOverrides": [
                    {
                        "enabled": false,
                        "signatureId": 200002835
                    }
                ]
            }
        ]
    }
}