XML Threat Protection

Malicious attacks on XML applications typically involve large, recursive payloads, XPath/XSLT or SQL injections, and CData. Using the XML Threat Protection policy, you can limit the size of things, such as maximum node depth and text node length, in your XML code to thwart malicious attacks. You can limit the size of comments to prevent invasions through CData, for example.

Protecting XML Applications

Configure XML threat protection using the procedure to protect XML applications.

Configure XML threat protection. Set limits, and click apply to start protecting your XML code. The following example shows configuration of an XML threat protection policy.

xml threat policy

Responses to XML Threat Protection Policies

  • 200

    Message successfully sent.

  • 400 Bad Request

    Any request that violates the configured limits causes a Bad Request error.

Was this article helpful?

💙 Thanks for your feedback!

Submit your feedback!
Share your thoughts to help us build the best documentation experience for you!
Take our latest survey!