Topic
2 replies Latest Post - ‏2013-07-13T14:47:47Z by Marin.
Marin.
Marin.
6 Posts
ACCEPTED ANSWER

Pinned topic MPG XML Treat Protection

‏2013-07-13T13:30:29Z |

Hi,

It seems logical that XML treat protection in MPG would apply to XML and SOAP request types only. Could it also be applied selectively even if the request type is Non-XML or Pass-Thru? We are having a situation where we have both web app and web services traffic crossing the MPG.

Thanks

  • HermannSW
    HermannSW
    3145 Posts
    ACCEPTED ANSWER

    Re: MPG XML Treat Protection

    ‏2013-07-13T14:21:05Z  in response to Marin.

    Hi,

    Non-XML - yes, Pass-Thru - No (Pass-Thru with restriction would not be "pass-thru").
    MPGW with Non-XML request/response type and match(all) and INPUT--Result--OUTPUT is similar to pass-thru (no processing), but does enfore "Maximum Message Size" for request/response.

    In MPGW screen, "XML Threat Protection" tab, you may use "Maximum Message Size" for JSON and Non-XML as well.
    From WebGUI online help:
     

    Maximum Message Size

    Specifies the maximum allowable size in kilobytes of a message. Enter a value in the range 0 - 2097151. The default value is 0. A value of 0 specifies that no limit is enforced, and the message can be of unlimited size.

    The maximum message size limit applies to JSON, SOAP, XML, and non-XML messages. If the message type is pass-through, no limit is enforced.


    Hermann<myXsltBlog/> <myXsltTweets/> <myCE/>

    Updated on 2013-07-13T14:23:45Z at 2013-07-13T14:23:45Z by HermannSW
    • Marin.
      Marin.
      6 Posts
      ACCEPTED ANSWER

      Re: MPG XML Treat Protection

      ‏2013-07-13T14:47:47Z  in response to HermannSW

      Thanks Hermann,

      Can we have the other types of XML treat protection (XDoS, SQL Injections, etc) for Non-XML request type, perhaps through processing policies? 

      Thanks