'Azure Application Gateway exclude - inspection of nested request body property

I need to exclude the inspection of a nested request body parameter in Azure Application Gateway. Using the Azure Portal, I've tried the following without success:

e.g. request body contents:

{
  "aRootProperty": "value",
  "aRootContainer": {
    "aNestedProperty": "some-string-that-causes-false-positives"
  }
}

Azure Portal Exclusion config:

Field: Request Attribute Name

Operator: Equals

Selector: aNestedProperty

The documentation has a couple of examples but they're not very useful. Additionally, the docs don't really cover how the various Operators and the Selector work in practice.

With some testing, I found that I could use the Contains operator, but that's a bit more permissive than I'd like as any property that happens to contain the string "aNestedProperty" will be excluded.

azure azure-application-gateway

Solution 1:^[1]

It's undocumented, but the Selector supports dot-notation for exclusion of nested properties.

So, the rule can be updated to the following for success (and it's not unnecessarily permissive!):

Field: Request Attribute Name

Operator: Equals

Selector: aRootContainer.aNestedProperty

I've posted this doc issue so that the docs are (hopefully) updated soon.

Sources

This article follows the attribution requirements of Stack Overflow and is licensed under CC BY-SA 3.0.

Source: Stack Overflow

Solution	Source
Solution 1	MandM

'Azure Application Gateway exclude - inspection of nested request body property

Solution 1:[1]

Sources

Related Questions

Solution 1:^[1]