OWASP API Security Top 10 2019 Checklist

injection-pattern-on-string-parameters

general > injection-pattern-on-string-parameters

Guidance / Message

Parameter '{{core.name}}' must use a strict pattern.

Examples

valid

queryParameters:
  organizationid:
    displayName: OrganizationID
    type: string
    pattern: ^[{]?[0-9a-fA-F]{8}-([0-9a-fA-F]{4}-){3}[0-9a-fA-F]{12}[}]?$
    example: 301b960b-6b0b-40ef-a635-ada6b13f13c8

invalid

queryParameters:
  organizationid:
    displayName: OrganizationID
    type: string
    example: 301b960b-6b0b-40ef-a635-ada6b13f13c8

Applies to Parameter

Constraint

Type: Declarative Validation

Asset overview
Type	Ruleset
Organization	MuleSoft
Published by	MuleSoft Organization
Published on	Nov 29, 2023

Asset versions for 2.1.x

Asset versions
Version	Actions
2.1.0

injection-pattern-on-string-parameters

Guidance / Message

Examples

valid

invalid

Constraint

Type: Declarative Validation

Asset versions for 2.1.x

Tags