This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Log in to ask a question
Get hands-on experience with 20+ free Google Cloud products and $300 in free credit for new customers.
Log in to ask a question

RegularExpressionProtection policy reg ex optimizations.

Posted on 02-20-2020 11:04 PM
amitsatishnerka
New Member
Reply posted on --/--/---- --:-- AM

i am using the below regular expression policy

<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
<RegularExpressionProtection async="false" continueOnError="false" enabled="true" name="Regular-Expression-Protection">
    <DisplayName>Regular Expression Protection</DisplayName>
    <Properties/>
    <IgnoreUnresolvedVariables>false</IgnoreUnresolvedVariables>
    <URIPath>
        <Pattern>[\s]*((delete)|(exec)|(drop\s*table)|(insert)|(shutdown)|(update )|(\bor\b))</Pattern>
    </URIPath>
    
     <JSONPayload>
        <JSONPath>
            <Expression>$.</Expression>
            <Pattern>[\s]*((delete)|(exec)|(drop\s*table)|(insert)|(shutdown)|(update )|(\bor\b))</Pattern>
        </JSONPath>
    </JSONPayload>
    <Source>request</Source>
</RegularExpressionProtection>

In this i am using Pattern "*" as wild char search. in Apigee anti pattern it is suggested to use Reluctant quantifiers like "*?". However the reluctant quantifiers take even more time than greedy quantifiers like "*".

Can you suggest an optimized quantifier which will take less time to process than "*".

Best regards,

Amit

0 7 300
Topic Labels
0 Likes
Reply
7 REPLIES 7