XML schema files specify the acceptable structure of and elements in an XML document. When you use XML schema files to check XML content in HTTP requests, it's easier to describe acceptable content and validate that the content is well-formed.
You can configure FortiADC's web application firewall (WAF) to use trusted XML schema files to validate XML content in HTTP requests that contain XML. Using XML schema files to validate XML content can ensure that client requests to web servers are well-formed and do not contain any potential attacks.
Before you begin, you must:
- Download a trusted XML schema file that you can import to FortiADC. Acceptable file types are
- Go to Web Application Firewall > API Protection and select the XML Schema tab.
- Click Create New.
- Enter the name of the XML schema configuration. You will use the name to select the schema file in XML detection profiles. No spaces.
- Click Choose File and select the XML schema file that you want to import.
- Click Save.