To Configure and Apply JSON Threat Protection (Nov 2017 and Jul 2017)

By its nature, JSON is vulnerable to JavaScript injection. When you parse the JSON object, the malicious code inflicts its damages. An inordinate increase in the size and depth of the JSON payload can indicate injection. Applying the JSON threat protection policy can limit the size of your JSON payload and thwart recursive additions to the JSON hierarchy.

  1. Click the version (Nov 2017) or instance (Jul 2017) number of an API.

  2. On the API dashboard, click Policies.

    The list of any applied policies appears.

  3. In Apply New Policy.

  4. In Select Policy, choose JSON Threat Protection, and click Configure Policy.

  5. Specify set limits, and click apply to start protecting your JSON code. The following example shows configuration of a JSON threat protection policy.


    Configuring a value of -1, for example for node depth, specifies unlimited depth.