@@ -1556,4 +1556,96 @@ newrelic.daemon.logfile = "/var/log/newrelic/newrelic-daemon.log"
15561556; all application instances for that specific entity.
15571557; If `newrelic.security.iast_test_identifier` is specified, this value is by default 1.
15581558;
1559- ;newrelic.security.iast_test_identifier = 0
1559+ ;newrelic.security.iast_test_identifier = 0
1560+
1561+ ; Setting: newrelic.security.scan_controllers.report_http_response_body
1562+ ; Type : boolean
1563+ ; Scope : system
1564+ ; Default: true
1565+ ; Info : This configuration allows user to enable / disable sending of HTTP responses body.
1566+ ; Disabling reading of http response body will also disable RXSS vulnerability detection.
1567+ ;
1568+ ;newrelic.security.scan_controllers.report_http_response_body = true
1569+
1570+ ; Setting: newrelic.security.restriction_criteria.account_info.account_id_values
1571+ ; Type : string
1572+ ; Scope : system
1573+ ; Default: none
1574+ ; Info : Applicable only with IAST_RESTRICTION as `newrelic.security.mode`.
1575+ ; A list of account id values separated by :: (double colon) to run IAST
1576+ ; on specific test accounts only.
1577+ ;
1578+ ;newrelic.security.restriction_criteria.account_info.account_id_values = "account1::account2"
1579+
1580+ ; Setting: newrelic.security.restriction_criteria.account_info.mapping_parameters.header.enabled
1581+ ; Type : boolean
1582+ ; Scope : system
1583+ ; Default: false
1584+ ; Info : Applicable only with IAST_RESTRICTION as `newrelic.security.mode` and
1585+ ; `newrelic.security.restriction_criteria.account_info.account_id_values`.
1586+ ; Indicates if account id value is to be looked up in the header on which to run IAST.
1587+ ;
1588+ ;newrelic.security.restriction_criteria.account_info.mapping_parameters.header.enabled = false
1589+
1590+ ; Setting: newrelic.security.restriction_criteria.account_info.mapping_parameters.header.location
1591+ ; Type : string
1592+ ; Scope : system
1593+ ; Default: none
1594+ ; Info : Applicable only with IAST_RESTRICTION as `newrelic.security.mode` and
1595+ ; `newrelic.security.restriction_criteria.account_info.account_id_values`.
1596+ ; A list of header keys separated by :: (double colon) to lookup account id values to
1597+ ; run IAST on specific test accounts only.
1598+ ;
1599+ ;newrelic.security.restriction_criteria.account_info.mapping_parameters.header.location = "X-Account::X-Nr-Account"
1600+
1601+ ; Setting: newrelic.security.restriction_criteria.account_info.mapping_parameters.body.enabled
1602+ ; Type : boolean
1603+ ; Scope : system
1604+ ; Default: false
1605+ ; Info : Applicable only with IAST_RESTRICTION as `newrelic.security.mode` and
1606+ ; `newrelic.security.restriction_criteria.account_info.account_id_values`.
1607+ ; Indicates if account id value is to be looked up in the body on which to run IAST.
1608+ ;
1609+ ;newrelic.security.restriction_criteria.account_info.mapping_parameters.body.enabled = false
1610+
1611+ ; Setting: newrelic.security.restriction_criteria.account_info.mapping_parameters.body.location
1612+ ; Type : string
1613+ ; Scope : system
1614+ ; Default: none
1615+ ; Info : Applicable only with IAST_RESTRICTION as `newrelic.security.mode` and
1616+ ; `newrelic.security.restriction_criteria.account_info.account_id_values`.
1617+ ; A list of body keys separated by :: (double colon) to lookup account id values to
1618+ ; run IAST on specific test accounts only.
1619+ ;
1620+ ;newrelic.security.restriction_criteria.account_info.mapping_parameters.body.location = "account.id::account.test.id"
1621+
1622+ ; Setting: newrelic.security.restriction_criteria.account_info.mapping_parameters.query.enabled
1623+ ; Type : boolean
1624+ ; Scope : system
1625+ ; Default: false
1626+ ; Info : Applicable only with IAST_RESTRICTION as `newrelic.security.mode` and
1627+ ; `newrelic.security.restriction_criteria.account_info.account_id_values`.
1628+ ; Indicates if account id value is to be looked up in the query on which to run IAST.
1629+ ;
1630+ ;newrelic.security.restriction_criteria.account_info.mapping_parameters.query.enabled = false
1631+
1632+ ; Setting: newrelic.security.restriction_criteria.account_info.mapping_parameters.query.location
1633+ ; Type : string
1634+ ; Scope : system
1635+ ; Default: none
1636+ ; Info : Applicable only with IAST_RESTRICTION as `newrelic.security.mode` and
1637+ ; `newrelic.security.restriction_criteria.account_info.account_id_values`.
1638+ ; A list of query keys separated by :: (double colon) to lookup account id values to
1639+ ; run IAST on specific test accounts only.
1640+ ;
1641+ ;newrelic.security.restriction_criteria.account_info.mapping_parameters.query.location = "id::user"
1642+
1643+ ; Setting: newrelic.security.restriction_criteria.account_info.mapping_parameters.path.enabled
1644+ ; Type : boolean
1645+ ; Scope : system
1646+ ; Default: false
1647+ ; Info : Applicable only with IAST_RESTRICTION as `newrelic.security.mode` and
1648+ ; `newrelic.security.restriction_criteria.account_info.account_id_values`.
1649+ ; Indicates if account id value is to be looked up in the path on which to run IAST.
1650+ ;
1651+ ;newrelic.security.restriction_criteria.account_info.mapping_parameters.path.enabled = false
0 commit comments