Request Method Limiting

최신 업데이트:2022-12-23 16:31:08

1 Feature Intro

1.1 Brief Inrtoduction

Identifies illegal request methods and blocks malicious requests accurately, to ensure the security of the APIs.

2 Feature Detail

2.1 Request Method Limiting

Define legitimate request methods, actively block the API request with malicious request method to ensure the security of API assets.

In RESTful web services, the HTTP request type indicates the operation to be performed on the resource. Using illegal request methods may lead to malicious deletion or malicious tampering of API data, for example:

  • Accessing /employee/101 with an HTTP GET request retrieves the details of the 101 user.
  • Accessing /employee/102 with a POST request will create a new employee with ID 102.
  • Using PUT to request access to /employee/101, which can be used to update the information of employee 101.
  • Using a DELETE request to access /employee/101, the data of the employee with ID 101 can be deleted.

If an API asset currently only allows to be requested by GET method, you should limit other illegal request methods.

2.2 How It Works

Once you confirue the valid request method for your API assets,API shield will detect whether the API request carries the correct request method or not, if not, the request will be blocked.
墨西哥、多米尼加共和国新节点上线

이 문서의 내용이 도움이 되었습니까?
아니오
정상적으로 제출되었습니다.피드백을 주셔서 감사합니다.앞으로도 개선을 위해 노력하겠습니다.