waf template http-protocol-check¶

HTTP protocol compliance check

http-protocol-check Specification¶

Parameter Value

Type Configuration Resource

Element Name http-protocol-check

Element URI /axapi/v3/waf/template/{name}/http-protocol-check

Element Attributes http-protocol-check_attributes

Partition Visibility shared

Schema http-protocol-check schema

Operations Allowed:

Operation	Method	URI	Payload
Create Object	POST	/axapi/v3/waf/template/{name}/http-protocol-check	http-protocol-check attributes
Get Object	GET	/axapi/v3/waf/template/{name}/http-protocol-check	http-protocol-check attributes
Modify Object	POST	/axapi/v3/waf/template/{name}/http-protocol-check	http-protocol-check attributes
Replace Object	PUT	/axapi/v3/waf/template/{name}/http-protocol-check	http-protocol-check attributes
Delete Object	DELETE	/axapi/v3/waf/template/{name}/http-protocol-check	http-protocol-check attributes

http-protocol-check attributes¶

allowed-headers

Description Enable allowed-headers check (default disabled)

Type: boolean

Supported Values: true, false, 1, 0

Default: 0

allowed-headers-list

Description Allowed HTTP headers. Default “Host Referer User-Agent Accept Accept-Encoding …” (see docs for full list) (Allowed HTTP headers (default “Host Referer User-Agent Accept Accept-Encoding …” (see docs for full list)))

Type: string

Format: string-rlx

Maximum Length: 1023 characters

Maximum Length: 1 characters

Default: Host Referer User-Agent Accept Accept-Encoding Accept-Language Accept-Language Authorization Cache-Control Content-Length

allowed-methods

Description Enable allowed-methods check (default disabled)

Type: boolean

Supported Values: true, false, 1, 0

Default: 0

allowed-methods-list

Description List of allowed HTTP methods. Default is “GET POST”. (List of HTTP methods allowed (default “GET POST”))

Type: string

Format: string-rlx

Maximum Length: 1023 characters

Maximum Length: 1 characters

Default: GET POST

allowed-versions

Description Enable allowed-versions check (default disabled)

Type: boolean

Supported Values: true, false, 1, 0

Default: 0

allowed-versions-list

Description List of allowed HTTP versions (default “1.0 1.1 2”)

Type: string

Format: enum-list

Default: 1.0,1.1,2

bad-multipart-request

Description Check for bad multipart/form-data request body

Type: boolean

Supported Values: true, false, 1, 0

Default: 0

body-without-content-type

Description Check for Body request without Content-Type header in request

Type: boolean

Supported Values: true, false, 1, 0

Default: 0

disable

Description Disable all checks for HTTP protocol compliance

Type: boolean

Supported Values: true, false, 1, 0

Default: 0

get-with-content

Description Check for GET request with Content-Length headers in request

Type: boolean

Supported Values: true, false, 1, 0

Default: 0

head-with-content

Description Check for HEAD request with Content-Length headers in request

Type: boolean

Supported Values: true, false, 1, 0

Default: 0

host-header-with-ip

Description Check for Host header with IP address

Type: boolean

Supported Values: true, false, 1, 0

Default: 0

invalid-url-encoding

Description Check for invalid URL encoding in request

Type: boolean

Supported Values: true, false, 1, 0

Default: 0

malformed-content-length

Description Check for malformed content-length in request

Type: boolean

Supported Values: true, false, 1, 0

Default: 0

malformed-header

Description Check for malformed HTTP header

Type: boolean

Supported Values: true, false, 1, 0

Default: 0

malformed-parameter

Description Check for malformed HTTP query/POST parameter

Type: boolean

Supported Values: true, false, 1, 0

Default: 0

malformed-request

Description Check for malformed HTTP request

Type: boolean

Supported Values: true, false, 1, 0

Default: 0

malformed-request-line

Description Check for malformed HTTP request line

Type: boolean

Supported Values: true, false, 1, 0

Default: 0

missing-header-value

Description Check for missing header value in request

Type: boolean

Supported Values: true, false, 1, 0

Default: 0

missing-host-header

Description Check for missing Host header in HTTP/1.1 request

Type: boolean

Supported Values: true, false, 1, 0

Default: 0

multiple-content-length

Description Check for multiple Content-Length headers in request

Type: boolean

Supported Values: true, false, 1, 0

Default: 0

non-ssl-cookie-prefix

Description Check for Bad __Secure- or __Host- Cookie Name prefixes in non-ssl request

Type: boolean

Supported Values: true, false, 1, 0

Default: 0

post-with-0-content

Description Check for POST request with Content-Length 0

Type: boolean

Supported Values: true, false, 1, 0

Default: 0

post-without-content

Description Check for POST request without Content-Length/Chunked Encoding headers in request

Type: boolean

Supported Values: true, false, 1, 0

Default: 0

post-without-content-type

Description Check for POST request without Content-Type header in request

Type: boolean

Supported Values: true, false, 1, 0

Default: 0

uuid

Description uuid of the object

Type: string

Maximum Length: 64 characters

Maximum Length: 1 characters