Suppose the request data for your web application contains a credit card field
(CREDIT_CARD_NO
), whose value you wish to block. Additionally, you want to block
the fieldname itself for extra security, and requests that include the field also include a section
called [CustInfo]
that you want to remove.
You can manage these tasks by doing the following rules configuration.
- Create an action to delete the request variable:
- Name:
Del_CREDIT_CARD_NO
- Action:
ReqDelete
- Section: Leave blank
- Field:
CREDIT_CARD_NO
- Name:
- Create an action to delete the
[CustInfo]
section:- Name:
Del_CustInfo
- Action:
ReqDelete
- Section:
CustInfo
- Field: Leave blank
- Name:
- Create a rule with the following values:
- ReqField:
CREDIT_CARD_NO
- ReqOp:
exists
- Enabled:
true
- Actions:
Del_CREDIT_CARD_NO
Del_CustInfo
- ReqField: