com.atlassian.confluence.content.render.xhtml.migration.exceptions.UnknownMacroMigrationException: The macro 'next_previous_links' is unknown.

Gateway Threat Protectors for API Manager

Owned by Former user (Deleted)
Last updated: Dec 01, 2018 by Former user (Deleted)
2 min read

WSO2 API Manager has three types of threat protectors for the Gateway.

Combining threat protectors

You can use a combination of the threat protectors given above to validate the messages and protect your gateway from attacks. An example custom mediation policy which which validates the API request against XML and regex valdators is given below.

<sequence xmlns="http://ws.apache.org/ns/synapse" name="combinevalidator">
    <property name="xmlValidation" value="true"/>
    <property name="dtdEnabled" value="false"/>
    <property name="externalEntitiesEnabled" value="true"/>
    <property name="maxXMLDepth" value="30"/>
    <property name="maxElementCount" value="30"/>
    <property name="maxAttributeCount" value="30"/>
    <property name="maxAttributeLength" value="30"/>
    <property name="entityExpansionLimit" value="30"/>
    <property name="maxChildrenPerElement" value="30"/>
    <property name="schemaValidation" value="true"/>
    <switch source="get-property('To')">
         <case regex=".*/addResource.*">
            <property name="xsdURL" value="http://localhost:8000/shiporder.xsd"/>
        </case>
    </switch>
    <class name="org.wso2.carbon.apimgt.gateway.mediators.XMLSchemaValidator"/>
    <property name="threatType" expression="get-property('threatType')" value="SQL-Injection"/>
    <property name="regex" expression="get-property('regex')" value="((drop\s*table\s\S.*)|(insert\s*into\s\S.*)|
(delete\s*from\s\S.*)|(create\s*database\s\S.*)|(drop\s*database\s\S.*)|(create\s*table\s\S.*)|(alter\s*table\
s\S.*)|(truncate\s*table\s\S.*)|(select\s\S.*FROM\s\S.*)|(alter\s*table\s\S.*)|(\bor\b))"/>
    <property name="enabledCheckBody" expression="get-property('checkBodyEnable')" value="true"/>
    <property name="enabledCheckHeaders" expression="get-property('enabledCheckHeaders')" value="true"/>
    <property name="enabledCheckPathParams" expression="get-property('enabledCheckPathParams')" value="true"/>
    <class name="org.wso2.carbon.apimgt.gateway.mediators.RegularExpressionProtector"/>
</sequence>


Add a custom sequence

You can add custom sequences depending on the threats that you need to address. To add a custom sequence, do the following.

  1. Create an xml file with your custom sequence, or edit and save the sequence given above.
  2. Go to Message Mediation Policies as described in the previous section.
  3. Click Upload In Flow.
  4. Select and upload your custom sequence.


com.atlassian.confluence.content.render.xhtml.migration.exceptions.UnknownMacroMigrationException: The macro 'next_previous_links2' is unknown.