You are viewing a plain text version of this content. The canonical link for it is here.
Posted to notifications@apisix.apache.org by GitBox <gi...@apache.org> on 2020/07/24 07:30:37 UTC
[GitHub] [incubator-apisix] sshniro opened a new issue #1897: Allow or Reject API calls based on arbitrary code execution
sshniro opened a new issue #1897:
URL: https://github.com/apache/incubator-apisix/issues/1897
Hello, I need to allow or reject API calls via performing a regex check on the request body. Is there a mechanism available in APISIX to do this? or this should be a custom plugin?
POST Data
```json
body:{
"topic_name": "prefix_a"
}
```
APISIX Code
```lua
-- decode body
-- run regex on topic name
-- allow if it conforms to the regex pattern
```
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [incubator-apisix] moonming commented on issue #1897: Allow or Reject API calls based on arbitrary code execution
Posted by GitBox <gi...@apache.org>.
moonming commented on issue #1897:
URL: https://github.com/apache/incubator-apisix/issues/1897#issuecomment-663462714
sure, it's a good way.
Thanks,
Ming Wen
Twitter: _WenMing
Nirojan Selvanathan <no...@github.com> 于2020年7月24日周五 下午5:31写道:
> Thanks, I was also going through the serverless plugin, is there a way
> this plugin can be modified to read the body and reject the calls
> @moonming <https://github.com/moonming> ?
>
> —
> You are receiving this because you were mentioned.
> Reply to this email directly, view it on GitHub
> <https://github.com/apache/incubator-apisix/issues/1897#issuecomment-663447663>,
> or unsubscribe
> <https://github.com/notifications/unsubscribe-auth/AGJZBKZNACM6ND3THBWLXVDR5FIH5ANCNFSM4PGOR3QA>
> .
>
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [incubator-apisix] moonming commented on issue #1897: Allow or Reject API calls based on arbitrary code execution
Posted by GitBox <gi...@apache.org>.
moonming commented on issue #1897:
URL: https://github.com/apache/incubator-apisix/issues/1897#issuecomment-663414210
it looks like a feature of WAF.
You can create a new plugin to parse post body, there's no mechanism in place to do this yet.
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [incubator-apisix] sshniro closed issue #1897: Allow or Reject API calls based on arbitrary code execution
Posted by GitBox <gi...@apache.org>.
sshniro closed issue #1897:
URL: https://github.com/apache/incubator-apisix/issues/1897
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [incubator-apisix] sshniro commented on issue #1897: Allow or Reject API calls based on arbitrary code execution
Posted by GitBox <gi...@apache.org>.
sshniro commented on issue #1897:
URL: https://github.com/apache/incubator-apisix/issues/1897#issuecomment-665511785
Thanks.
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [incubator-apisix] sshniro commented on issue #1897: Allow or Reject API calls based on arbitrary code execution
Posted by GitBox <gi...@apache.org>.
sshniro commented on issue #1897:
URL: https://github.com/apache/incubator-apisix/issues/1897#issuecomment-663447663
Thanks, I was also going through the serverless plugin, is there a way this plugin can be modified to read the body and reject the calls @moonming ?
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
users@infra.apache.org