Layer7 API Management

I am using policy fragment where I am adding security assertions. This fragment policy is included in main API service policy. In this fragment, I am using "Request: Protect against code injection [URL query string]" assertion and  getting below error message.

 "Unable to protect against code injection attacks - the request has already been routed"

 Same kind of error I am getting for another assertion "Request: Protect against SQL attack [URL path]"

 "Unable to protect against SQL attacks - the request has already been routed".

Regards,
Sumeet

Hello,

This will happen if you have a routing statement before threat protection assertion.

Can you send a screen shot of your services or post an export of it? 
Original Message:
Sent: 07-23-2020 03:21 AM
From: Sumeet Basu
Subject: Getting failure when using Protect against code injection or sql attacks assertions

I am using policy fragment where I am adding security assertions. This fragment policy is included in main API service policy. In this fragment, I am using "Request: Protect against code injection [URL query string]" assertion and  getting below error message.

 "Unable to protect against code injection attacks - the request has already been routed"

 Same kind of error I am getting for another assertion "Request: Protect against SQL attack [URL path]"

 "Unable to protect against SQL attacks - the request has already been routed".

Regards,
Sumeet