$ luarocks install kong-plugin-json-threat-protection
Like XML-based services, APIs that support JavaScript object notation (JSON) are vulnerable to content-level attacks.
Simple JSON attacks attempt to use structures that overwhelm JSON parsers to crash a service and induce application-level denial-of-service attacks.
All settings are optional and should be tuned to optimize your service requirements against potential vulnerabilities.
Versions
Dependencies
lua ~> 5.1
stringy ~> 0.4-1