Detection

Updated Jun 2, 2023

How are JSON API payloads inspected and redacted?

Signal Sciences automatically parses all JSON key/value pairs and treats them like any other request parameter, so attack and anomaly detection, custom signals, and redactions all work properly for these requests.

For example, the following sample requests show how redactions work in the context of a request.

Initial Request

POST /request HTTP/1.1
Content-Length: 72
Content-Type: application/json
Host: api.example.com

{"user":"user@api.example.com","password":"<script>alert(1)</script>mypassword","zip":94089}

Sent to Signal Sciences

POST /request HTTP/1.1
Host: api.example.com

password=

Initial Request

POST /request HTTP/1.1
Content-Length: 72
Content-Type: application/json
Host: api.example.com

{"user":"user@api.example.com","password":"mypassword","zip":"<script>alert(1)</script>94089"}

Sent to Signal Sciences

POST /request HTTP/1.1
Host: api.example.com

zip=<script>alert(1)</script>
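
A simplified Python model of the behaviour shown in the two samples above, added here as an illustration and not Signal Sciences code: it flattens a JSON body into parameters, forwards only the portion that matched a detection, and blanks the value of sensitive fields. The sensitive-key list, the toy `<script>` pattern and the function names are assumptions; handling of nested objects and arrays goes beyond the flat samples on this page.

```python
import json
import re

# Assumptions for this sketch, not the product's real rule set:
SENSITIVE_KEYS = {"password"}  # field names whose values are never forwarded
XSS_PATTERN = re.compile(r"<script\b[^>]*>.*?</script>", re.I | re.S)  # toy detector


def flatten(value, prefix=""):
    """Yield (name, string_value) for every leaf of a parsed JSON document."""
    if isinstance(value, dict):
        for key, child in value.items():
            yield from flatten(child, f"{prefix}.{key}" if prefix else key)
    elif isinstance(value, list):
        for index, child in enumerate(value):
            yield from flatten(child, f"{prefix}[{index}]")
    else:
        yield prefix, "" if value is None else str(value)


def forwarded_params(body):
    """Return the name=value lines this model would forward for a JSON body."""
    try:
        doc = json.loads(body)
    except json.JSONDecodeError:
        return []  # not valid JSON: no key/value pairs to inspect
    if not isinstance(doc, (dict, list)):
        return []  # a bare scalar has no parameter name
    out = []
    for name, value in flatten(doc):
        match = XSS_PATTERN.search(value)
        if match is None:
            continue  # nothing detected in this parameter
        # Use the last path segment, without any [n] index, as the field name.
        leaf = name.rsplit(".", 1)[-1].split("[", 1)[0].lower()
        if leaf in SENSITIVE_KEYS:
            out.append(f"{name}=")  # name is kept, value is redacted
        else:
            out.append(f"{name}={match.group(0)}")  # only the matched portion
    return out


if __name__ == "__main__":
    # Constructed sample: the first request body from this page.
    sample = ('{"user":"user@api.example.com",'
              '"password":"<script>alert(1)</script>mypassword","zip":94089}')
    for line in forwarded_params(sample):
        print(line)
```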