Airlock Gateway parses JSON (JavaScript Object Notation) objects in requests and allows filtering of JSON attributes with allow rules and deny rules. Arguments in JSON structures are treated in exactly the same way as normal HTTP parameters.
Generation of Airlock Gateway parameters from JSON objects
For a detailed description of the JSON object syntax please refer to json.org. If parsing of a JSON object fails due to illegal syntax, a message of type WR-SG-BLOCK-109-01 (JSON syntax error message) is written to the log. The log message indicates the position of the character for which parsing failed.
Here is an example of a simple JSON object representing a user:
{ "firstName": "Simon", "lastName": "Smith", "age": 25, "address": { "streetAddress": "21 2nd Street", "city": "New York", "state": "NY", "postalCode": "10021" }, "phoneNumber": [ { "type": "home", "number": "212 555-1234" }, { "type": "fax", "number": "646 555-4567" } ], "newSubscription": false, "companyName": null }
Airlock Gateway automatically generates flattened parameters from object attributes. Parameter names start with "#json" and attribute names are separated by hashes (#). Entries in arrays are enumerated. Parameter values are generated from the trimmed strings of the original JSON record values.
For example, the following parameters are generated from the above user object:
Parameter Name | Parameter Value |
---|---|
#json#firstName | Simon |
#json#lastName | Smith |
#json#age | 25 |
#json#address#streetAddress | 21 2nd Street |
#json#address#city | New York |
#json#address#state | NY |
#json#address#postalCode | 10021 |
#json#phoneNumber#0#type | home |
#json#phoneNumber#0#number | 212 555-1234 |
#json#phoneNumber#1#type | fax |
#json#phoneNumber#1#number | 646 555-4567 |
#json#address#newSubscription | false |
#json#address#companyName | null |
Filtering of JSON attributes
The parameters generated from JSON objects are treated the same way as parameters from GET or POST requests. That is, JSON parameters must comply with allow and deny rule limitations.
Also, parameters generated from JSON objects can be excluded from filters, just as ordinary parameters. For instance, to exclude all phone numbers in the above object from a deny rule, add this parameter exception: ^#json#phonenumber#[[:digit:]]+#number$
.
In addition every flattened parameter is counted as one parameter. This means that in this JSON example Airlock Gateway counts 13 parameters. Please check if the 'Max parameters' value in the allow rule is sufficient.