Developer Documentation
ADC NITRO APIs
Current Release 13.1 13

appfwprofile_xmldosurl_binding

August 17, 2023
Contributed by: 
C

Binding object showing the xmldosurl that can be bound to appfwprofile.

Properties

(click to see Operations )

Name Data Type Permissions Description
xmlmaxelementdepthcheck Read-write State if XML Max element depth check is ON or OFF.

Possible values = ON, OFF
xmlmaxfilesize Read-write Specify the maximum size of XML messages. Protects against overflow attacks.

Minimum value = 0

Maximum value = 1000000000
xmlmaxnamespaceurilength Read-write Specify the longest URI of any XML namespace. Protects against overflow attacks.
xmldosurl Read-write XML DoS URL regular expression length.
state Read-write Enabled.

Possible values = ENABLED, DISABLED
xmlsoaparraycheck Read-write State if XML SOAP Array check is ON or OFF.

Possible values = ON, OFF
xmlmaxelementnamelengthcheck Read-write State if XML Max element name length check is ON or OFF.

Possible values = ON, OFF
xmlmaxelementscheck Read-write State if XML Max elements check is ON or OFF.

Possible values = ON, OFF
xmlmaxentityexpansions Read-write Specify maximum allowed number of entity expansions. Protects aganist Entity Expansion Attack.
xmlmaxattributes Read-write Specify maximum number of attributes per XML element. Protects against overflow attacks.
xmlmaxfilesizecheck Read-write State if XML Max file size check is ON or OFF.

Possible values = ON, OFF
xmlmaxchardatalength Read-write Specify the maximum size of CDATA. Protects against overflow attacks and large quantities of unparsed data within XML messages.

Minimum value = 0

Maximum value = 1000000000
xmlmaxnamespacescheck Read-write State if XML Max namespaces check is ON or OFF.

Possible values = ON, OFF
xmlmaxnamespaces Read-write Specify maximum number of active namespaces. Protects against overflow attacks.
xmlmaxattributenamelengthcheck Read-write State if XML Max attribute name length check is ON or OFF.

Possible values = ON, OFF
xmlblockdtd Read-write State if XML DTD is ON or OFF. Protects against recursive Document Type Declaration (DTD) entity expansion attacks. Also, SOAP messages cannot have DTDs in messages. .

Possible values = ON, OFF
xmlmaxattributevaluelength Read-write Specify the longest value of any XML attribute. Protects against overflow attacks.
xmlmaxelementdepth Read-write Maximum nesting (depth) of XML elements. This check protects against documents that have excessive hierarchy depths.
xmlmaxelementnamelength Read-write Specify the longest name of any element (including the expanded namespace) to protect against overflow attacks.
name Read-write Name of the profile to which to bind an exemption or rule.

Minimum length = 1
xmlblockpi Read-write State if XML Block PI is ON or OFF. Protects resources from denial of service attacks as SOAP messages cannot have processing instructions (PI) in messages.

Possible values = ON, OFF
xmlmaxelementchildrencheck Read-write State if XML Max element children check is ON or OFF.

Possible values = ON, OFF
xmlmaxelements Read-write Specify the maximum number of XML elements allowed. Protects against overflow attacks.
xmlmaxentityexpansionscheck Read-write State if XML Max Entity Expansions Check is ON or OFF.

Possible values = ON, OFF
alertonly Read-write Send SNMP alert?.

Possible values = ON, OFF
xmlmaxnamespaceurilengthcheck Read-write State if XML Max namespace URI length check is ON or OFF.

Possible values = ON, OFF
xmlmaxentityexpansiondepthcheck Read-write State if XML Max Entity Expansions Depth Check is ON or OFF.

Possible values = ON, OFF
xmlmaxattributevaluelengthcheck Read-write State if XML Max atribute value length is ON or OFF.

Possible values = ON, OFF
xmlmaxsoaparraysize Read-write XML Max Total SOAP Array Size. Protects against SOAP Array Abuse attack.

Minimum value = 0

Maximum value = 1000000000
xmlmaxentityexpansiondepth Read-write Specify maximum entity expansion depth. Protects aganist Entity Expansion Attack.
xmlmaxnodescheck Read-write State if XML Max nodes check is ON or OFF.

Possible values = ON, OFF
xmlmaxattributenamelength Read-write Specify the longest name of any XML attribute. Protects against overflow attacks.
xmlmaxchardatalengthcheck Read-write State if XML Max CDATA length check is ON or OFF.

Possible values = ON, OFF
xmlminfilesizecheck Read-write State if XML Min file size check is ON or OFF.

Possible values = ON, OFF
xmlmaxelementchildren Read-write Specify the maximum number of children allowed per XML element. Protects against overflow attacks.
xmlminfilesize Read-write Enforces minimum message size.

Minimum value = 0

Maximum value = 1000000000
xmlmaxnodes Read-write Specify the maximum number of XML nodes. Protects against overflow attacks.
isautodeployed Read-write Is the rule auto deployed by dynamic profile ?.

Possible values = AUTODEPLOYED, NOTAUTODEPLOYED
comment Read-write Any comments about the purpose of profile, or other useful information about the profile.
xmlmaxattributescheck Read-write State if XML Max attributes check is ON or OFF.

Possible values = ON, OFF
xmlmaxsoaparrayrank Read-write XML Max Individual SOAP Array Rank. This is the dimension of the SOAP array.
xmlblockexternalentities Read-write State if XML Block External Entities Check is ON or OFF. Protects against XML External Entity (XXE) attacks that force applications to parse untrusted external entities (sources) in XML documents.

Possible values = ON, OFF
__count Read-write count parameter

Operations

(click to see Properties )

  • ADD
  • DELETE
  • GET
  • GET (ALL)
  • COUNT

Some options that you can use for each operations:

  • Getting warnings in response: NITRO allows you to get warnings in an operation by specifying the 'warning' query parameter as 'yes'. For example, to get warnings while connecting to the NetScaler appliance, the URL is as follows:

    http:// <netscaler-ip-address> /nitro/v1/config/login?warning=yes

    If any, the warnings are displayed in the response payload with the HTTP code '209 X-NITRO-WARNING'.

  • Authenticated access for individual NITRO operations: NITRO allows you to logon to the NetScaler appliance to perform individual operations. You can use this option instead of creating a NITRO session (using the login object) and then using that session to perform all operations,

    To do this, you must specify the username and password in the request header of the NITRO request as follows:

    X-NITRO-USER: <username>

    X-NITRO-PASS: <password>

    Note: In such cases, make sure that the request header DOES not include the following:

    Cookie:NITRO_AUTH_TOKEN= <tokenvalue>

*Note: *

Mandatory parameters are marked in red and placeholder content is marked in green

add

URL: http:// <netscaler-ip-address /nitro/v1/config/appfwprofile_xmldosurl_binding

HTTP Method: PUT

Request Headers:

Cookie:NITRO_AUTH_TOKEN= <tokenvalue>

Content-Type:application/json

Request Payload: 


{
"appfwprofile_xmldosurl_binding":{
<b>      "name":<String_value>,
</b>      "comment":<String_value>,
      "state":<String_value>,
      "xmldosurl":<String_value>,
      "xmlmaxelementdepthcheck":<String_value>,
      "xmlmaxelementdepth":<Double_value>,
      "xmlmaxelementnamelengthcheck":<String_value>,
      "xmlmaxelementnamelength":<Double_value>,
      "xmlmaxelementscheck":<String_value>,
      "xmlmaxelements":<Double_value>,
      "xmlmaxelementchildrencheck":<String_value>,
      "xmlmaxelementchildren":<Double_value>,
      "xmlmaxnodescheck":<String_value>,
      "xmlmaxnodes":<Double_value>,
      "xmlmaxattributescheck":<String_value>,
      "xmlmaxattributes":<Double_value>,
      "xmlmaxattributenamelengthcheck":<String_value>,
      "xmlmaxattributenamelength":<Double_value>,
      "xmlmaxattributevaluelengthcheck":<String_value>,
      "xmlmaxattributevaluelength":<Double_value>,
      "xmlmaxchardatalengthcheck":<String_value>,
      "xmlmaxchardatalength":<Double_value>,
      "xmlmaxfilesizecheck":<String_value>,
      "xmlmaxfilesize":<Double_value>,
      "xmlminfilesizecheck":<String_value>,
      "xmlminfilesize":<Double_value>,
      "xmlblockpi":<String_value>,
      "xmlblockdtd":<String_value>,
      "xmlblockexternalentities":<String_value>,
      "xmlmaxentityexpansionscheck":<String_value>,
      "xmlmaxentityexpansions":<Double_value>,
      "xmlmaxentityexpansiondepthcheck":<String_value>,
      "xmlmaxentityexpansiondepth":<Double_value>,
      "xmlmaxnamespacescheck":<String_value>,
      "xmlmaxnamespaces":<Double_value>,
      "xmlmaxnamespaceurilengthcheck":<String_value>,
      "xmlmaxnamespaceurilength":<Double_value>,
      "xmlsoaparraycheck":<String_value>,
      "xmlmaxsoaparraysize":<Double_value>,
      "xmlmaxsoaparrayrank":<Double_value>,
      "isautodeployed":<String_value>
}}

<!--NeedCopy-->

Response:

HTTP Status Code on Success: 201 Created

HTTP Status Code on Failure: 4xx <string> (for general HTTP errors) or 5xx <string> (for NetScaler-specific errors). The response payload provides details of the error

delete

URL: http:// <netscaler-ip-address> /nitro/v1/config/appfwprofile_xmldosurl_binding/ name_value<String>

Query-parameters:

args

http:// <netscaler-ip-address> /nitro/v1/config/appfwprofile_xmldosurl_binding/ name_value<String> ? args=xmldosurl: <String_value>

HTTP Method: DELETE

Request Headers:

Cookie:NITRO_AUTH_TOKEN= <tokenvalue>

Response:

HTTP Status Code on Success: 200 OK

HTTP Status Code on Failure: 4xx <string> (for general HTTP errors) or 5xx <string> (for NetScaler-specific errors). The response payload provides details of the error

get

URL: http:// <netscaler-ip-address> /nitro/v1/config/appfwprofile_xmldosurl_binding/ name_value<String>

Query-parameters:

filter

http:// <netscaler-ip-address> /nitro/v1/config/appfwprofile_xmldosurl_binding/ name_value<String> ? filter=property-name1:property-value1,property-name2:property-value2

Use this query-parameter to get the filtered set of appfwprofile_xmldosurl_binding resources configured on NetScaler.Filtering can be done on any of the properties of the resource.

pagination

http:// <netscaler-ip-address> /nitro/v1/config/appfwprofile_xmldosurl_binding/ name_value<String> ? pagesize=#no;pageno=#no

Use this query-parameter to get the appfwprofile_xmldosurl_binding resources in chunks.

HTTP Method: GET

Request Headers:

Cookie:NITRO_AUTH_TOKEN= <tokenvalue>

Accept:application/json

Response:

HTTP Status Code on Success: 200 OK

HTTP Status Code on Failure: 4xx <string> (for general HTTP errors) or 5xx <string> (for NetScaler-specific errors). The response payload provides details of the error

Response Header:

Content-Type:application/json

Response Payload: 


{  "appfwprofile_xmldosurl_binding": [ {
      "xmlmaxelementdepthcheck":<String_value>,
      "xmlmaxfilesize":<Double_value>,
      "xmlmaxnamespaceurilength":<Double_value>,
      "xmldosurl":<String_value>,
      "state":<String_value>,
      "xmlsoaparraycheck":<String_value>,
      "xmlmaxelementnamelengthcheck":<String_value>,
      "xmlmaxelementscheck":<String_value>,
      "xmlmaxentityexpansions":<Double_value>,
      "xmlmaxattributes":<Double_value>,
      "xmlmaxfilesizecheck":<String_value>,
      "xmlmaxchardatalength":<Double_value>,
      "xmlmaxnamespacescheck":<String_value>,
      "xmlmaxnamespaces":<Double_value>,
      "xmlmaxattributenamelengthcheck":<String_value>,
      "xmlblockdtd":<String_value>,
      "xmlmaxattributevaluelength":<Double_value>,
      "xmlmaxelementdepth":<Double_value>,
      "xmlmaxelementnamelength":<Double_value>,
      "name":<String_value>,
      "xmlblockpi":<String_value>,
      "xmlmaxelementchildrencheck":<String_value>,
      "xmlmaxelements":<Double_value>,
      "xmlmaxentityexpansionscheck":<String_value>,
      "alertonly":<String_value>,
      "xmlmaxnamespaceurilengthcheck":<String_value>,
      "xmlmaxentityexpansiondepthcheck":<String_value>,
      "xmlmaxattributevaluelengthcheck":<String_value>,
      "xmlmaxsoaparraysize":<Double_value>,
      "xmlmaxentityexpansiondepth":<Double_value>,
      "xmlmaxnodescheck":<String_value>,
      "xmlmaxattributenamelength":<Double_value>,
      "xmlmaxchardatalengthcheck":<String_value>,
      "xmlminfilesizecheck":<String_value>,
      "xmlmaxelementchildren":<Double_value>,
      "xmlminfilesize":<Double_value>,
      "xmlmaxnodes":<Double_value>,
      "isautodeployed":<String_value>,
      "comment":<String_value>,
      "xmlmaxattributescheck":<String_value>,
      "xmlmaxsoaparrayrank":<Double_value>,
      "xmlblockexternalentities":<String_value>
}]}

<!--NeedCopy-->

get (all)

URL: http:// <netscaler-ip-address> /nitro/v1/config/appfwprofile_xmldosurl_binding

HTTP Method: GET

Request Headers:

Cookie:NITRO_AUTH_TOKEN= <tokenvalue>

Accept:application/json

Query-parameters:

bulkbindings

http:// <netscaler-ip-address> /nitro/v1/config/appfwprofile_xmldosurl_binding? bulkbindings=yes

NITRO allows you to fetch bindings in bulk.

Note: get (all) method can be used only in conjuction with bulkbindings query parameter.

Response:

HTTP Status Code on Success: 200 OK

HTTP Status Code on Failure: 4xx <string> (for general HTTP errors) or 5xx <string> (for NetScaler-specific errors). The response payload provides details of the error

Response Header:

Content-Type:application/json

Response Payload: 


{  "appfwprofile_xmldosurl_binding": [ {
      "xmlmaxelementdepthcheck":<String_value>,
      "xmlmaxfilesize":<Double_value>,
      "xmlmaxnamespaceurilength":<Double_value>,
      "xmldosurl":<String_value>,
      "state":<String_value>,
      "xmlsoaparraycheck":<String_value>,
      "xmlmaxelementnamelengthcheck":<String_value>,
      "xmlmaxelementscheck":<String_value>,
      "xmlmaxentityexpansions":<Double_value>,
      "xmlmaxattributes":<Double_value>,
      "xmlmaxfilesizecheck":<String_value>,
      "xmlmaxchardatalength":<Double_value>,
      "xmlmaxnamespacescheck":<String_value>,
      "xmlmaxnamespaces":<Double_value>,
      "xmlmaxattributenamelengthcheck":<String_value>,
      "xmlblockdtd":<String_value>,
      "xmlmaxattributevaluelength":<Double_value>,
      "xmlmaxelementdepth":<Double_value>,
      "xmlmaxelementnamelength":<Double_value>,
      "name":<String_value>,
      "xmlblockpi":<String_value>,
      "xmlmaxelementchildrencheck":<String_value>,
      "xmlmaxelements":<Double_value>,
      "xmlmaxentityexpansionscheck":<String_value>,
      "alertonly":<String_value>,
      "xmlmaxnamespaceurilengthcheck":<String_value>,
      "xmlmaxentityexpansiondepthcheck":<String_value>,
      "xmlmaxattributevaluelengthcheck":<String_value>,
      "xmlmaxsoaparraysize":<Double_value>,
      "xmlmaxentityexpansiondepth":<Double_value>,
      "xmlmaxnodescheck":<String_value>,
      "xmlmaxattributenamelength":<Double_value>,
      "xmlmaxchardatalengthcheck":<String_value>,
      "xmlminfilesizecheck":<String_value>,
      "xmlmaxelementchildren":<Double_value>,
      "xmlminfilesize":<Double_value>,
      "xmlmaxnodes":<Double_value>,
      "isautodeployed":<String_value>,
      "comment":<String_value>,
      "xmlmaxattributescheck":<String_value>,
      "xmlmaxsoaparrayrank":<Double_value>,
      "xmlblockexternalentities":<String_value>
}]}

<!--NeedCopy-->

count

URL: http:// <netscaler-ip-address> /nitro/v1/config/appfwprofile_xmldosurl_binding/ name_value<String> ? count=yes

HTTP Method: GET

Request Headers:

Cookie:NITRO_AUTH_TOKEN= <tokenvalue>

Accept:application/json

Response:

HTTP Status Code on Success: 200 OK

HTTP Status Code on Failure: 4xx <string> (for general HTTP errors) or 5xx <string> (for NetScaler-specific errors). The response payload provides details of the error

Response Header:

Content-Type:application/json

Response Payload: 


{"appfwprofile_xmldosurl_binding": [ { "__count": "#no"} ] }

<!--NeedCopy-->
appfwprofile_xmldosurl_binding
August 17, 2023
Contributed by: 
C
August 17, 2023
Contributed by: 
C

In this article

Site feedback | Your privacy choices footer linkYour Privacy Choices | Privacy and legal terms | Cookie preferences | Consent settings | docs.cloud.com
© 1999- Cloud Software Group, Inc. All rights reserved.