Product Documentation

XML Content Types

Aug 31, 2016

By default, the application firewall treats files that follow certain naming conventions as XML. You can configure the application firewall to examine web content for additional strings or patterns that indicate that those files are XML files. This can ensure that the application firewall recognizes all XML content on your site, even if certain XML content does not follow normal XML naming conventions, ensuring that XML content is subjected to XML security checks.

To configure the XML content types, you add the appropriate patterns to the XML Content Types list. You can enter a content type as a string, or you can enter a PCRE-compatible regular expression specifying one or more strings. You can also modify the existing XML content types patterns.

To add an XML content type pattern by using the command line interface

At the command prompt, type the following commands:

  • add appfw XMLContentType <XMLContenttypevalue> [-isRegex ( REGEX | NOTREGEX )]
  • save ns config

Example

The following example adds the pattern .*/xml to the XML Content Types list and designates it as a regular expression.

add appfw XMLContentType ".*/xml" -isRegex REGEX

To remove an XML content type pattern by using the command line interface

At the command prompt, type the following commands:

  • rm appfw XMLContentType <XMLContenttypevalue>
  • save ns config

To configure the XML content type list by using the configuration utility

  1. Navigate to Security > Application Firewall.
  2. In the details pane, under Settings, click Manage XML Content Types.
  3. In the Manage XML Content Types dialog box, do one of the following:
    • To add a new XML content type, click Add.
    • To modify an existing XML content type, select that type and then click Edit.
    The Configure Application Firewall XML Content Type dialog appears.
    Note: If you select an existing XML content type pattern and then click Add, the dialog box displays the information for that XML content type pattern. You can modify that information to create your new XML content type pattern.
  4. In the dialog box, fill out the elements. They are:
    • IsRegex. Select or clear to enable PCRE-format regular expressions in the form field name.
    • XML Content Type Enter a literal string or PCRE-format regular expression that matches the XML content type pattern that you want to add.
  5. Click Create.
  6. To remove an XML content type pattern from the list, select it, then click Remove to remove it, and then click OK to confirm your choice.
  7. When you have finished adding and removing XML content type patterns, click Close.