Skip to content

appfwprofile_xmldosurl_binding

Binding object showing the xmldosurl that can be bound to appfwprofile.

Properties

(click to see Operations)

NameData TypePermissionsDescription
xmlmaxelementdepthcheck<String>Read-writeState if XML Max element depth check is ON or OFF.
Possible values = ON, OFF
xmlmaxfilesize<Double>Read-writeSpecify the maximum size of XML messages. Protects against overflow attacks.
xmlmaxnamespaceurilength<Double>Read-writeSpecify the longest URI of any XML namespace. Protects against overflow attacks.
xmldosurl<String>Read-writeXML DoS URL regular expression length.
state<String>Read-writeEnabled.
Possible values = ENABLED, DISABLED
xmlsoaparraycheck<String>Read-writeState if XML SOAP Array check is ON or OFF.
Possible values = ON, OFF
xmlmaxelementnamelengthcheck<String>Read-writeState if XML Max element name length check is ON or OFF.
Possible values = ON, OFF
xmlmaxelementscheck<String>Read-writeState if XML Max elements check is ON or OFF.
Possible values = ON, OFF
xmlmaxentityexpansions<Double>Read-writeSpecify maximum allowed number of entity expansions. Protects aganist Entity Expansion Attack.
xmlmaxattributes<Double>Read-writeSpecify maximum number of attributes per XML element. Protects against overflow attacks.
xmlmaxfilesizecheck<String>Read-writeState if XML Max file size check is ON or OFF.
Possible values = ON, OFF
xmlmaxchardatalength<Double>Read-writeSpecify the maximum size of CDATA. Protects against overflow attacks and large quantities of unparsed data within XML messages.
xmlmaxnamespacescheck<String>Read-writeState if XML Max namespaces check is ON or OFF.
Possible values = ON, OFF
xmlmaxnamespaces<Double>Read-writeSpecify maximum number of active namespaces. Protects against overflow attacks.
xmlmaxattributenamelengthcheck<String>Read-writeState if XML Max attribute name length check is ON or OFF.
Possible values = ON, OFF
xmlblockdtd<String>Read-writeState if XML DTD is ON or OFF. Protects against recursive Document Type Declaration (DTD) entity expansion attacks. Also, SOAP messages cannot have DTDs in messages. .
Possible values = ON, OFF
xmlmaxattributevaluelength<Double>Read-writeSpecify the longest value of any XML attribute. Protects against overflow attacks.
xmlmaxelementdepth<Double>Read-writeMaximum nesting (depth) of XML elements. This check protects against documents that have excessive hierarchy depths.
xmlmaxelementnamelength<Double>Read-writeSpecify the longest name of any element (including the expanded namespace) to protect against overflow attacks.
name<String>Read-writeName of the profile to which to bind an exemption or rule.
Minimum length = 1
xmlblockpi<String>Read-writeState if XML Block PI is ON or OFF. Protects resources from denial of service attacks as SOAP messages cannot have processing instructions (PI) in messages.
Possible values = ON, OFF
xmlmaxelementchildrencheck<String>Read-writeState if XML Max element children check is ON or OFF.
Possible values = ON, OFF
xmlmaxelements<Double>Read-writeSpecify the maximum number of XML elements allowed. Protects against overflow attacks.
xmlmaxentityexpansionscheck<String>Read-writeState if XML Max Entity Expansions Check is ON or OFF.
Possible values = ON, OFF
xmlmaxnamespaceurilengthcheck<String>Read-writeState if XML Max namespace URI length check is ON or OFF.
Possible values = ON, OFF
xmlmaxentityexpansiondepthcheck<String>Read-writeState if XML Max Entity Expansions Depth Check is ON or OFF.
Possible values = ON, OFF
xmlmaxattributevaluelengthcheck<String>Read-writeState if XML Max atribute value length is ON or OFF.
Possible values = ON, OFF
xmlmaxsoaparraysize<Double>Read-writeXML Max Total SOAP Array Size. Protects against SOAP Array Abuse attack.
xmlmaxentityexpansiondepth<Double>Read-writeSpecify maximum entity expansion depth. Protects aganist Entity Expansion Attack.
xmlmaxnodescheck<String>Read-writeState if XML Max nodes check is ON or OFF.
Possible values = ON, OFF
xmlmaxattributenamelength<Double>Read-writeSpecify the longest name of any XML attribute. Protects against overflow attacks.
xmlmaxchardatalengthcheck<String>Read-writeState if XML Max CDATA length check is ON or OFF.
Possible values = ON, OFF
xmlminfilesizecheck<String>Read-writeState if XML Min file size check is ON or OFF.
Possible values = ON, OFF
xmlmaxelementchildren<Double>Read-writeSpecify the maximum number of children allowed per XML element. Protects against overflow attacks.
xmlminfilesize<Double>Read-writeEnforces minimum message size.
xmlmaxnodes<Double>Read-writeSpecify the maximum number of XML nodes. Protects against overflow attacks.
comment<String>Read-writeAny comments about the purpose of profile, or other useful information about the profile.
xmlmaxattributescheck<String>Read-writeState if XML Max attributes check is ON or OFF.
Possible values = ON, OFF
xmlmaxsoaparrayrank<Double>Read-writeXML Max Individual SOAP Array Rank. This is the dimension of the SOAP array.
xmlblockexternalentities<String>Read-writeState if XML Block External Entities Check is ON or OFF. Protects against XML External Entity (XXE) attacks that force applications to parse untrusted external entities (sources) in XML documents.
Possible values = ON, OFF
__count<Double>Read-writecount parameter

Operations

(click to see Properties)

ADD:| DELETE:| GET| GET (ALL)| COUNT

Some options that you can use for each operations:

  • Getting warnings in response:NITRO allows you to get warnings in an operation by specifying the "warning" query parameter as "yes". For example, to get warnings while connecting to the Citrix ADC appliance, the URL is as follows:

    http://<Citrix-ADC-IP-address(NSIP)>/nitro/v1/config/login?warning=yes

    If any, the warnings are displayed in the response payload with the HTTP code "209 X-NITRO-WARNING".

  • Authenticated access for individual NITRO operations:NITRO allows you to logon to the Citrix ADC appliance to perform individual operations. You can use this option instead of creating a NITRO session (using the login object) and then using that session to perform all operations,

    To do this, you must specify the username and password in the request header of the NITRO request as follows:

    X-NITRO-USER:<username>

    X-NITRO-PASS:<password>

    Note:In such cases, make sure that the request header DOES not include the following:

    Cookie:NITRO_AUTH_TOKEN=<tokenvalue>

Note:

Mandatory parameters are marked in redand placeholder content is marked in <green>.

add:

URL:http://<Citrix-ADC-IP-address(NSIP)/nitro/v1/config/appfwprofile_xmldosurl_binding

HTTP Method:PUT

Request Headers:

Cookie:NITRO_AUTH_TOKEN=<tokenvalue> Content-Type:application/json

Request Payload:

{
"appfwprofile_xmldosurl_binding":{
<b>"name":<String_value>,
</b>"comment":<String_value>,
"state":<String_value>,
"xmldosurl":<String_value>,
"xmlmaxelementdepthcheck":<String_value>,
"xmlmaxelementdepth":<Double_value>,
"xmlmaxelementnamelengthcheck":<String_value>,
"xmlmaxelementnamelength":<Double_value>,
"xmlmaxelementscheck":<String_value>,
"xmlmaxelements":<Double_value>,
"xmlmaxelementchildrencheck":<String_value>,
"xmlmaxelementchildren":<Double_value>,
"xmlmaxattributescheck":<String_value>,
"xmlmaxattributes":<Double_value>,
"xmlmaxattributenamelengthcheck":<String_value>,
"xmlmaxattributenamelength":<Double_value>,
"xmlmaxattributevaluelengthcheck":<String_value>,
"xmlmaxattributevaluelength":<Double_value>,
"xmlmaxchardatalengthcheck":<String_value>,
"xmlmaxchardatalength":<Double_value>,
"xmlmaxfilesizecheck":<String_value>,
"xmlmaxfilesize":<Double_value>,
"xmlminfilesizecheck":<String_value>,
"xmlminfilesize":<Double_value>,
"xmlblockpi":<String_value>,
"xmlblockdtd":<String_value>,
"xmlblockexternalentities":<String_value>,
"xmlmaxentityexpansionscheck":<String_value>,
"xmlmaxentityexpansions":<Double_value>,
"xmlmaxentityexpansiondepthcheck":<String_value>,
"xmlmaxentityexpansiondepth":<Double_value>,
"xmlmaxnamespacescheck":<String_value>,
"xmlmaxnamespaces":<Double_value>,
"xmlmaxnamespaceurilengthcheck":<String_value>,
"xmlmaxnamespaceurilength":<Double_value>,
"xmlsoaparraycheck":<String_value>,
"xmlmaxsoaparraysize":<Double_value>,
"xmlmaxsoaparrayrank":<Double_value>
}}

Response:

HTTP Status Code on Success: 201 Created HTTP Status Code on Failure: 4xx <string> (for general HTTP errors) or 5xx <string> (for Citrix ADC specific errors). The response payload provides details of the error

delete:

URL:http://<Citrix-ADC-IP-address(NSIP)>/nitro/v1/config/appfwprofile_xmldosurl_binding/name_value<String>

Query-parameters:

args

http://<Citrix-ADC-IP-address(NSIP)>/nitro/v1/config/appfwprofile_xmldosurl_binding/name_value<String>?args=xmldosurl:<String_value>

HTTP Method:DELETE

Request Headers:

Cookie:NITRO_AUTH_TOKEN=<tokenvalue>

Response:

HTTP Status Code on Success: 200 OK HTTP Status Code on Failure: 4xx <string> (for general HTTP errors) or 5xx <string> (for Citrix ADC specific errors). The response payload provides details of the error

get

URL:http://<Citrix-ADC-IP-address(NSIP)>/nitro/v1/config/appfwprofile_xmldosurl_binding/name_value<String>

Query-parameters:

filter

http://<Citrix-ADC-IP-address(NSIP)>/nitro/v1/config/appfwprofile_xmldosurl_binding/name_value<String>?filter=property-name1:property-value1,property-name2:property-value2

Use this query-parameter to get the filtered set of appfwprofile_xmldosurl_binding resources configured on Citrix ADC. Filtering can be done on any of the properties of the resource.

pagination

http://<Citrix-ADC-IP-address(NSIP)>/nitro/v1/config/appfwprofile_xmldosurl_binding/name_value<String>?pagesize=#no;pageno=#no

Use this query-parameter to get the appfwprofile_xmldosurl_binding resources in chunks.

HTTP Method:GET

Request Headers:

Cookie:NITRO_AUTH_TOKEN=<tokenvalue> Accept:application/json

Response:

HTTP Status Code on Success: 200 OK HTTP Status Code on Failure: 4xx <string> (for general HTTP errors) or 5xx <string> (for Citrix ADC specific errors). The response payload provides details of the errorResponse Headers:

Content-Type:application/json

Response Payload:

{ "appfwprofile_xmldosurl_binding": [ {
"xmlmaxelementdepthcheck":<String_value>,
"xmlmaxfilesize":<Double_value>,
"xmlmaxnamespaceurilength":<Double_value>,
"xmldosurl":<String_value>,
"state":<String_value>,
"xmlsoaparraycheck":<String_value>,
"xmlmaxelementnamelengthcheck":<String_value>,
"xmlmaxelementscheck":<String_value>,
"xmlmaxentityexpansions":<Double_value>,
"xmlmaxattributes":<Double_value>,
"xmlmaxfilesizecheck":<String_value>,
"xmlmaxchardatalength":<Double_value>,
"xmlmaxnamespacescheck":<String_value>,
"xmlmaxnamespaces":<Double_value>,
"xmlmaxattributenamelengthcheck":<String_value>,
"xmlblockdtd":<String_value>,
"xmlmaxattributevaluelength":<Double_value>,
"xmlmaxelementdepth":<Double_value>,
"xmlmaxelementnamelength":<Double_value>,
"name":<String_value>,
"xmlblockpi":<String_value>,
"xmlmaxelementchildrencheck":<String_value>,
"xmlmaxelements":<Double_value>,
"xmlmaxentityexpansionscheck":<String_value>,
"xmlmaxnamespaceurilengthcheck":<String_value>,
"xmlmaxentityexpansiondepthcheck":<String_value>,
"xmlmaxattributevaluelengthcheck":<String_value>,
"xmlmaxsoaparraysize":<Double_value>,
"xmlmaxentityexpansiondepth":<Double_value>,
"xmlmaxnodescheck":<String_value>,
"xmlmaxattributenamelength":<Double_value>,
"xmlmaxchardatalengthcheck":<String_value>,
"xmlminfilesizecheck":<String_value>,
"xmlmaxelementchildren":<Double_value>,
"xmlminfilesize":<Double_value>,
"xmlmaxnodes":<Double_value>,
"comment":<String_value>,
"xmlmaxattributescheck":<String_value>,
"xmlmaxsoaparrayrank":<Double_value>,
"xmlblockexternalentities":<String_value>
}]}

get (all)

URL:http://<Citrix-ADC-IP-address(NSIP)>/nitro/v1/config/appfwprofile_xmldosurl_binding

Query-parameters:

bulkbindings

http://<Citrix-ADC-IP-address(NSIP)>/nitro/v1/config/appfwprofile_xmldosurl_binding?bulkbindings=yes

NITRO allows you to fetch bindings in bulk.

HTTP Method:GET

Request Headers:

Cookie:NITRO_AUTH_TOKEN=<tokenvalue> Accept:application/json

Response:

HTTP Status Code on Success: 200 OK HTTP Status Code on Failure: 4xx <string> (for general HTTP errors) or 5xx <string> (for Citrix ADC specific errors). The response payload provides details of the errorResponse Headers:

Content-Type:application/json

Response Payload:

{ "appfwprofile_xmldosurl_binding": [ {
"xmlmaxelementdepthcheck":<String_value>,
"xmlmaxfilesize":<Double_value>,
"xmlmaxnamespaceurilength":<Double_value>,
"xmldosurl":<String_value>,
"state":<String_value>,
"xmlsoaparraycheck":<String_value>,
"xmlmaxelementnamelengthcheck":<String_value>,
"xmlmaxelementscheck":<String_value>,
"xmlmaxentityexpansions":<Double_value>,
"xmlmaxattributes":<Double_value>,
"xmlmaxfilesizecheck":<String_value>,
"xmlmaxchardatalength":<Double_value>,
"xmlmaxnamespacescheck":<String_value>,
"xmlmaxnamespaces":<Double_value>,
"xmlmaxattributenamelengthcheck":<String_value>,
"xmlblockdtd":<String_value>,
"xmlmaxattributevaluelength":<Double_value>,
"xmlmaxelementdepth":<Double_value>,
"xmlmaxelementnamelength":<Double_value>,
"name":<String_value>,
"xmlblockpi":<String_value>,
"xmlmaxelementchildrencheck":<String_value>,
"xmlmaxelements":<Double_value>,
"xmlmaxentityexpansionscheck":<String_value>,
"xmlmaxnamespaceurilengthcheck":<String_value>,
"xmlmaxentityexpansiondepthcheck":<String_value>,
"xmlmaxattributevaluelengthcheck":<String_value>,
"xmlmaxsoaparraysize":<Double_value>,
"xmlmaxentityexpansiondepth":<Double_value>,
"xmlmaxnodescheck":<String_value>,
"xmlmaxattributenamelength":<Double_value>,
"xmlmaxchardatalengthcheck":<String_value>,
"xmlminfilesizecheck":<String_value>,
"xmlmaxelementchildren":<Double_value>,
"xmlminfilesize":<Double_value>,
"xmlmaxnodes":<Double_value>,
"comment":<String_value>,
"xmlmaxattributescheck":<String_value>,
"xmlmaxsoaparrayrank":<Double_value>,
"xmlblockexternalentities":<String_value>
}]}

count

URL:http://<Citrix-ADC-IP-address(NSIP)>/nitro/v1/config/appfwprofile_xmldosurl_binding/name_value<String>?count=yes

HTTP Method:GET

Request Headers:

Cookie:NITRO_AUTH_TOKEN=<tokenvalue> Accept:application/json

Response:

HTTP Status Code on Success: 200 OK HTTP Status Code on Failure: 4xx <string> (for general HTTP errors) or 5xx <string> (for Citrix ADC specific errors). The response payload provides details of the errorResponse Headers:

Content-Type:application/json

Response Payload:

{"appfwprofile_xmldosurl_binding": [ { "__count": "#no"} ] }