{ "id":"/axapi/v3/waf/template/{name}/http-protocol-check", "type":"object", "node-type":"scalar", "title":"http-protocol-check", "partition-visibility":"shared", "description":"HTTP protocol compliance check", "properties":{ "disable":{ "type":"number", "format":"flag", "default":0, "partition-visibility":"shared", "description":"Disable all checks for HTTP protocol compliance", "optional":true }, "allowed-headers":{ "type":"number", "format":"flag", "default":0, "partition-visibility":"shared", "description":"Enable allowed-headers check (default disabled)", "optional":true }, "allowed-headers-list":{ "type":"string", "format":"string-rlx", "minLength":1, "maxLength":1023, "default":"Host Referer User-Agent Accept Accept-Encoding Accept-Language Accept-Language Authorization Cache-Control Content-Length", "partition-visibility":"shared", "description":"Allowed HTTP headers. Default \"Host Referer User-Agent Accept Accept-Encoding ...\" (see docs for full list) (Allowed HTTP headers (default \"Host Referer User-Agent Accept Accept-Encoding ...\" (see docs for full list)))", "optional":true }, "allowed-methods":{ "type":"number", "format":"flag", "default":0, "partition-visibility":"shared", "description":"Enable allowed-methods check (default disabled)", "optional":true }, "allowed-methods-list":{ "type":"string", "format":"string-rlx", "minLength":1, "maxLength":1023, "default":"GET POST", "partition-visibility":"shared", "description":"List of allowed HTTP methods. Default is \"GET POST\". (List of HTTP methods allowed (default \"GET POST\"))", "optional":true }, "allowed-versions":{ "type":"number", "format":"flag", "default":0, "partition-visibility":"shared", "description":"Enable allowed-versions check (default disabled)", "optional":true }, "allowed-versions-list":{ "type":"string", "format":"enum-list", "default":"1.0,1.1,2", "partition-visibility":"shared", "description":"List of allowed HTTP versions (default \"1.0 1.1 2\")", "enum":[ "0.9", "1.0", "1.1", "2" ], "optional":true }, "bad-multipart-request":{ "type":"number", "format":"flag", "default":0, "partition-visibility":"shared", "description":"Check for bad multipart/form-data request body", "optional":true }, "body-without-content-type":{ "type":"number", "format":"flag", "default":0, "partition-visibility":"shared", "description":"Check for Body request without Content-Type header in request", "optional":true }, "get-with-content":{ "type":"number", "format":"flag", "default":0, "partition-visibility":"shared", "description":"Check for GET request with Content-Length headers in request", "optional":true }, "head-with-content":{ "type":"number", "format":"flag", "default":0, "partition-visibility":"shared", "description":"Check for HEAD request with Content-Length headers in request", "optional":true }, "host-header-with-ip":{ "type":"number", "format":"flag", "default":0, "partition-visibility":"shared", "description":"Check for Host header with IP address", "optional":true }, "invalid-url-encoding":{ "type":"number", "format":"flag", "default":0, "partition-visibility":"shared", "description":"Check for invalid URL encoding in request", "optional":true }, "malformed-content-length":{ "type":"number", "format":"flag", "default":0, "partition-visibility":"shared", "description":"Check for malformed content-length in request", "optional":true }, "malformed-header":{ "type":"number", "format":"flag", "default":0, "partition-visibility":"shared", "description":"Check for malformed HTTP header", "optional":true }, "malformed-parameter":{ "type":"number", "format":"flag", "default":0, "partition-visibility":"shared", "description":"Check for malformed HTTP query/POST parameter", "optional":true }, "malformed-request":{ "type":"number", "format":"flag", "default":0, "partition-visibility":"shared", "description":"Check for malformed HTTP request", "optional":true }, "malformed-request-line":{ "type":"number", "format":"flag", "default":0, "partition-visibility":"shared", "description":"Check for malformed HTTP request line", "optional":true }, "missing-header-value":{ "type":"number", "format":"flag", "default":0, "partition-visibility":"shared", "description":"Check for missing header value in request", "optional":true }, "missing-host-header":{ "type":"number", "format":"flag", "default":0, "partition-visibility":"shared", "description":"Check for missing Host header in HTTP/1.1 request", "optional":true }, "multiple-content-length":{ "type":"number", "format":"flag", "default":0, "partition-visibility":"shared", "description":"Check for multiple Content-Length headers in request", "optional":true }, "post-with-0-content":{ "type":"number", "format":"flag", "default":0, "partition-visibility":"shared", "description":"Check for POST request with Content-Length 0", "optional":true }, "post-without-content":{ "type":"number", "format":"flag", "default":0, "partition-visibility":"shared", "description":"Check for POST request without Content-Length/Chunked Encoding headers in request", "optional":true }, "post-without-content-type":{ "type":"number", "format":"flag", "default":0, "partition-visibility":"shared", "description":"Check for POST request without Content-Type header in request", "optional":true }, "non-ssl-cookie-prefix":{ "type":"number", "format":"flag", "default":0, "partition-visibility":"shared", "description":"Check for Bad __Secure- or __Host- Cookie Name prefixes in non-ssl request", "optional":true }, "uuid":{ "type":"string", "format":"string", "minLength":1, "maxLength":64, "partition-visibility":"shared", "modify-not-allowed":1, "description":"uuid of the object", "optional":true } } }