Master Data Management with webMethods OneData : Administering webMethods OneData : Configuring Security : Protecting Against Cross-Site Scripting : Enforcing Data Validation : Enforcing Validation of Data Requests
Enforcing Validation of Data Requests
Use validateParameter to validate the data returned in data requests.
To restrict < > and “ ” characters in data requests
1. On the Menu toolbar, click Administer > System > System Properties.
2. In Scripting > Data Validation Script, enter the following script, customizing it for your organization:
def validateParameter(value):
import java.util as util
from com.datafoundations.onedata.helper
import ValidationResponseObject
obj=ValidationResponseObject()
lInvalidParameters = util.ArrayList()
reg = re.compile("(((%3C|<)script(>|%3E)))|" +
"(((%27)|('))((\s|\+)*)union(\s|\+))"
re.IGNORECASE)
for parameterValue in value:
match=re.search(reg, parameterValue)
if match:
lInvalidParameters.add(parameterValue)
obj.setInvalidParameterValues(lInvalidParameters)
return obj;
3. Click Save.
Copyright © 2011-2016 Software AG, Darmstadt, Germany.
Product LogoContact Support   |   Community   |   Feedback