Skip to content
This repository has been archived by the owner on Nov 8, 2023. It is now read-only.

json

Jump to bottom
bui edited this page Jul 12, 2016 · 1 revision

JSON

POST/PUT request with content-type application/json will be handled by naxsi so that it should be transparent in the whitelist / signatures writting process :

  • all rules targeting BODY are applied to json content as well
  • whitelists (or rules) for specific variable use the classic $BODY_VAR:xx

However for JSON, naxsi does not keep track of depth, and has a hardcoded limit of 10 (depth).

A request :

POST ...

{
  "this" : { "will" : ["work", "does"],
  "it" : "??" },
  "tr<igger" : {"test_1234" : ["foobar", "will", "trigger", "it"]}
}

A rule that will match :

MainRule "str:foobar" "msg:foobar test pattern" "mz:BODY" "s:$SQL:42" id:1999;

The associated whitelist :

BasicRule wl:X "mz:$BODY_VAR:test_1234";
Clone this wiki locally