Input
The Input directives allow you to select filters that will process incoming request data read by the Service stage. For more information, see Input.
The following Input-class filter is described in detail in this section:
In addition, the following common SAFs are valid for the Input directive:
Every Input directive has the following optional parameters.
Table 7-71 Input Directive's Optional Parameters
| Optional Parameters | Description |
|---|---|
| type | (Optional) Specifies a wildcard pattern of MIME types for which this function will be executed. |
| method | (Optional) Specifies a wildcard pattern of HTTP methods for which this function will be executed. Common HTTP methods are GET, HEAD, and POST. |
| query | (Optional) Specifies a wildcard pattern of query strings for which this function will be executed. |
sed-request
The sed-request filter applies the sed edit commands to an incoming request entity body, for example, an uploaded file or submitted form.
Parameters
The following table shows the sed-request parameters:
Table 7-72 sed-request Parameters
| Parameter | Description |
|---|---|
| sed | Specifies a sed command script. When multiple sed parameters are provided, the sed edit commands are evaluated in the order they appear. |
Example
The following obj.conf code instructs sed-request to encode any (<) and (>) characters posted in an HTML form:
Input fn="insert-filter" method="POST" filter="sed-request" sed="s/</\\&lt;/g" sed="s/%3c/\\&lt;/g" sed="s/%3C/\\&lt;/g" sed="s/>/\\&gt;/g" sed="s/%3e/\\&gt;/g" sed="s/%3E/\\&gt;/g"
Because POST bodies are usually URL-encoded, it is important to check for URL-encoded forms when editing POST bodies. %3C is the URL-encoded form of (<) and %3E is the URI-encoded form of (>).
Sign up or Log in to add a comment or watch this page.