You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
When I use a regex_policy sequence, and invoke an API with it attached, first time all works as expected but then, when I keep trying this endpoint, I am always getting an API response with the message "Threat detection key words are missing".
Analyzing the carbon-apimgt code I saw that I am getting this message because this fragment of code:
messageProperty = messageContext.getProperty(APIMgtGatewayConstants.REGEX_PATTERN);
if (messageProperty != null && pattern == null) {
pattern = Pattern.compile(messageProperty.toString(), Pattern.CASE_INSENSITIVE);
} else {
GatewayUtils.handleThreat(messageContext, APIMgtGatewayConstants.HTTP_SC_CODE,
"Threat detection key words are missing");
returntrue;
}
So maybe the regex property is being retrieved as null or maybe the pattern variable is null...but the pattern variable is never being assigned before or I can't see where.
Description:
When I use a regex_policy sequence, and invoke an API with it attached, first time all works as expected but then, when I keep trying this endpoint, I am always getting an API response with the message "Threat detection key words are missing".
Analyzing the carbon-apimgt code I saw that I am getting this message because this fragment of code:
So maybe the regex property is being retrieved as null or maybe the pattern variable is null...but the pattern variable is never being assigned before or I can't see where.
Here my full sequence code:
I also saw on this commit 0311249 that in previous version the "pattern == null" check was inside the first if.
Thank for your time.
Steps to reproduce:
Affected Product Version:
API Manager 3.1.0
Environment details (with versions):
am-analytics-worker:
image: wso2/wso2am-analytics-worker:3.1.0
api-manager:
image: wso2/wso2am:3.1.0
am-analytics-dashboard:
image: wso2/wso2am-analytics-dashboard:3.1.0
Suggested Labels:
threat protection regex api manager security
The text was updated successfully, but these errors were encountered: