用于验证请求和响应的 API 管理策略API Management policies to validate requests and responses

本文提供有关以下 API 管理策略的参考。This article provides a reference for the following API Management policies. 有关添加和配置策略的信息,请参阅 API 管理中的策略For information on adding and configuring policies, see Policies in API Management.

使用验证策略可以根据 OpenAPI 架构验证 API 请求和响应,并防范头注入或有效负载注入等漏洞。Use validation policies to validate API requests and responses against an OpenAPI schema and protect from vulnerabilities such as injection of headers or payload. 虽然验证策略不能取代 Web 应用程序防火墙,但它们可让用户灵活应对依赖于静态预定义规则的安全产品所不能涵盖的其他威胁种类。While not a replacement for a Web Application Firewall, validation policies provide flexibility to respond to an additional class of threats that are not covered by security products that rely on static, predefined rules.

验证策略Validation policies

  • 验证内容 - 根据 API 架构验证请求或响应正文的大小或 JSON 架构。Validate content - Validates the size or JSON schema of a request or response body against the API schema.
  • 验证参数 - 根据 API 架构验证请求头、查询或路径参数。Validate parameters - Validates the request header, query, or path parameters against the API schema.
  • 验证头 - 根据 API 架构验证响应头。Validate headers - Validates the response headers against the API schema.
  • 验证状态代码 - 根据 API 架构验证响应中的 HTTP 状态代码。Validate status code - Validates the HTTP status codes in responses against the API schema.

备注

验证策略可使用的 API 架构的最大大小为 4 MB。The maximum size of the API schema that can be used by a validation policy is 4 MB. 如果架构超过此限制,验证策略将在运行时返回错误。If the schema exceeds this limit, validation policies will return errors on runtime. 若要提高限制,请与支持部门联系。To increase it, please contact support.

ActionsActions

每个验证策略包含一个用于指定操作的特性,API 管理在根据 API 架构验证 API 请求或响应中的实体时,将执行此操作。Each validation policy includes an attribute that specifies an action, which API Management takes when validating an entity in an API request or response against the API schema. 可为 API 架构中表示的元素指定操作,并可以根据策略为 API 架构中未表示的元素指定操作。An action may be specified for elements that are represented in the API schema and, depending on the policy, for elements that aren't represented in the API schema. 在策略的子元素中指定的操作将替代针对其父级指定的操作。An action specified in a policy's child element overrides an action specified for its parent.

可用操作:Available actions:

操作Action 说明Description
ignoreignore 跳过验证。Skip validation.
preventprevent 阻止请求或响应处理,记录详细验证错误,并返回错误。Block the request or response processing, log the verbose validation error, and return an error. 检测到第一组错误时便中断处理。Processing is interrupted when the first set of errors is detected.
检测 (detect)detect 记录验证错误,但不中断请求或响应处理。Log validation errors, without interrupting request or response processing.

日志Logs

有关在执行策略期间出现的验证错误的详细信息将记录到策略根元素的 errors-variable-name 特性中指定的 context.Variables 内的变量。Details about the validation errors during policy execution are logged to the variable in context.Variables specified in the errors-variable-name attribute in the policy's root element. prevent 操作中进行配置后,验证错误会阻止进一步的请求或响应处理,并会传播到 context.LastError 属性。When configured in a prevent action, a validation error blocks further request or response processing and is also propagated to the context.LastError property.

若要调查错误,请使用跟踪策略将上下文变量中的错误记录到 Application InsightsTo investigate errors, use a trace policy to log the errors from context variables to Application Insights.

性能影响Performance implications

添加验证策略可能会影响 API 吞吐量。Adding validation policies may affect API throughput. 适用以下一般原则:The following general principles apply:

  • API 架构越大,吞吐量越低。The larger the API schema size, the lower the throughput will be.
  • 请求或响应中的有效负载越大,吞吐量越低。The larger the payload in a request or response, the lower the throughput will be.
  • 相比有效负载大小,API 架构大小对性能的影响更大。The size of the API schema has a larger impact on performance than the size of the payload.
  • 在某些情况下,根据若干 MB 大小的 API 架构进行验证可能会导致请求或响应超时。Validation against an API schema that is several megabytes in size may cause request or response timeouts under some conditions. 在“消耗”和“开发人员”服务层级中,这种影响更为明显。 The effect is more pronounced in the Consumption and Developer tiers of the service.

我们建议在预期的生产工作负载中执行负载测试,以评估验证策略对 API 吞吐量的影响。We recommend performing load tests with your expected production workloads to assess the impact of validation policies on API throughput.

验证内容Validate content

validate-content 策略根据 API 架构验证请求或响应正文的大小或 JSON 架构。The validate-content policy validates the size or JSON schema of a request or response body against the API schema. 不支持 JSON 以外的格式。Formats other than JSON aren't supported.

策略语句Policy statement

<validate-content unspecified-content-type-action="ignore|prevent|detect" max-size="size in bytes" size-exceeded-action="ignore|prevent|detect" errors-variable-name="variable name">
    <content type="content type string, for example: application/json, application/hal+json" validate-as="json" action="ignore|prevent|detect" />
</validate-content>

示例Example

在以下示例中,将以检测模式验证请求和响应中的 JSON 有效负载。In the following example, the JSON payload in requests and responses is validated in detection mode. 将阻止有效负载大于 100 KB 的消息。Messages with payloads larger than 100 KB are blocked.

<validate-content unspecified-content-type-action="prevent" max-size="102400" size-exceeded-action="prevent" errors-variable-name="requestBodyValidation">
    <content type="application/json" validate-as="json" action="detect" />
    <content type="application/hal+json" validate-as="json" action="detect" />
</validate-content>

元素Elements

名称Name 说明Description 必需Required
validate-contentvalidate-content 根元素。Root element. Yes
内容content 添加其中的一个或多个元素可以验证请求或响应中的内容类型,并执行指定的操作。Add one or more of these elements to validate the content type in the request or response, and perform the specified action. No

属性Attributes

名称Name 说明Description 必须Required 默认Default
unspecified-content-type-actionunspecified-content-type-action 针对其内容类型未在 API 架构中指定的请求或响应执行的操作Action to perform for requests or responses with a content type that isn’t specified in the API schema. Yes 空值N/A
max-sizemax-size 请求或响应正文的最大长度(以字节为单位),根据 Content-Length 头检查。Maximum length of the body of the request or response in bytes, checked against the Content-Length header. 如果请求正文或响应正文经过压缩,则此值是解压缩后的长度。If the request body or response body is compressed, this value is the decompressed length. 最大允许值:102,400 字节 (100 KB)。Maximum allowed value: 102,400 bytes (100 KB). Yes 空值N/A
size-exceeded-actionsize-exceeded-action 针对其正文超过 max-size 中指定大小的请求或响应执行的操作Action to perform for requests or responses whose body exceeds the size specified in max-size. Yes 空值N/A
errors-variable-nameerrors-variable-name context.Variables 中的要将验证错误记录到的变量的名称。Name of the variable in context.Variables to log validation errors to. Yes 空值N/A
typetype 要对其执行正文验证的内容类型,根据 Content-Type 头检查。Content type to execute body validation for, checked against the Content-Type header. 此值不区分大小写。This value is case insensitive. 如果为空,此值将应用到 API 架构中指定的每个内容类型。If empty, it applies to every content type specified in the API schema. No 空值N/A
validate-asvalidate-as 用于验证具有匹配内容类型的请求或响应正文的验证引擎。Validation engine to use for validation of the body of a request or response with a matching content type. 目前唯一支持的值是“json”。Currently, the only supported value is "json". Yes 空值N/A
actionaction 要对其正文与指定内容类型不匹配的请求或响应执行的操作Action to perform for requests or responses whose body doesn't match the specified content type. Yes 空值N/A

使用情况Usage

此策略可在以下策略范围中使用。This policy can be used in the following policy sections and scopes.

  • 策略节: 入站、出站、错误时Policy sections: inbound, outbound, on-error

  • 策略范围: 所有范围Policy scopes: all scopes

验证参数Validate parameters

validate-parameters 策略根据 API 架构验证请求中的头、查询或路径参数。The validate-parameters policy validates the header, query, or path parameters in requests against the API schema.

重要

如果使用低于 2021-01-01-preview 的管理 API 版本导入了某个 API,validate-parameters 策略可能不起作用。If you imported an API using a management API version prior to 2021-01-01-preview, the validate-parameters policy might not work. 可能需要使用管理 API 版本 2021-01-01-preview 或更高版本重新导入该 API。You may need to reimport your API using management API version 2021-01-01-preview or later.

策略语句Policy statement

<validate-parameters specified-parameter-action="ignore|prevent|detect" unspecified-parameter-action="ignore|prevent|detect" errors-variable-name="variable name"> 
    <headers specified-parameter-action="ignore|prevent|detect" unspecified-parameter-action="ignore|prevent|detect">
        <parameter name="parameter name" action="ignore|prevent|detect" />
    </headers>
    <query specified-parameter-action="ignore|prevent|detect" unspecified-parameter-action="ignore|prevent|detect">
        <parameter name="parameter name" action="ignore|prevent|detect" />
    </query>
    <path specified-parameter-action="ignore|prevent|detect">
        <parameter name="parameter name" action="ignore|prevent|detect" />
    </path>
</validate-parameters>

示例Example

在此示例中,将以防护模式验证所有查询和路径参数,以检测模式验证头。In this example, all query and path parameters are validated in the prevention mode and headers in the detection mode. 替代多个头参数的验证:Validation is overridden for several header parameters:

<validate-parameters specified-parameter-action="prevent" unspecified-parameter-action="prevent" errors-variable-name="requestParametersValidation"> 
    <headers specified-parameter-action="detect" unspecified-parameter-action="detect">
        <parameter name="Authorization" action="prevent" />
        <parameter name="User-Agent" action="ignore" />
        <parameter name="Host" action="ignore" />
        <parameter name="Referrer" action="ignore" />
</validate-parameters>

元素Elements

名称Name 说明Description 必需Required
validate-parametersvalidate-parameters 根元素。Root element. 针对请求中的所有参数指定默认验证操作。Specifies default validation actions for all parameters in requests. Yes
headersheaders 添加此元素可以替代针对请求中的头参数执行的默认验证操作。Add this element to override default validation actions for header parameters in requests. No
queryquery 添加此元素可以替代针对请求中的查询参数执行的默认验证操作。Add this element to override default validation actions for query parameters in requests. No
pathpath 添加此元素可以替代针对请求中的 URL 路径参数执行的默认验证操作。Add this element to override default validation actions for URL path parameters in requests. No
参数 (parameter)parameter 为命名参数添加一个或多个元素可以替代验证操作的更高级别的配置。Add one or more elements for named parameters to override higher-level configuration of the validation actions. No

属性Attributes

名称Name 说明Description 必须Required 默认Default
specified-parameter-actionspecified-parameter-action 针对 API 架构中指定的请求参数执行的操作Action to perform for request parameters specified in the API schema.

headersquerypath 元素中提供时,该值将替代 specified-parameter-action 元素中的 validate-parameters 值。When provided in a headers, query, or path element, the value overrides the value of specified-parameter-action in the validate-parameters element.
Yes 空值N/A
unspecified-parameter-actionunspecified-parameter-action 针对未在 API 架构中指定的请求参数执行的操作Action to perform for request parameters that are not specified in the API schema.

headersquery 元素中提供时,该值将替代 validate-parameters 元素中的 unspecified-parameter-action 值。When provided in a headersor query element, the value overrides the value of unspecified-parameter-action in the validate-parameters element.
Yes 空值N/A
errors-variable-nameerrors-variable-name context.Variables 中的要将验证错误记录到的变量的名称。Name of the variable in context.Variables to log validation errors to. Yes 空值N/A
namename 要替代其验证操作的参数的名称。Name of the parameter to override validation action for. 此值不区分大小写。This value is case insensitive. Yes 空值N/A
actionaction 针对具有匹配名称的参数执行的操作Action to perform for the parameter with the matching name. 如果该参数已在 API 架构中指定,此值将替代更高级别的 specified-parameter-action 配置。If the parameter is specified in the API schema, this value overrides the higher-level specified-parameter-action configuration. 如果该参数未在 API 架构中指定,此值将替代更高级别的 unspecified-parameter-action 配置。If the parameter isn’t specified in the API schema, this value overrides the higher-level unspecified-parameter-action configuration. Yes 空值N/A

使用情况Usage

此策略可在以下策略范围中使用。This policy can be used in the following policy sections and scopes.

  • 策略节: 入站Policy sections: inbound

  • 策略范围: 所有范围Policy scopes: all scopes

验证头Validate headers

validate-headers 策略根据 API 架构验证响应头。The validate-headers policy validates the response headers against the API schema.

重要

如果使用低于 2021-01-01-preview 的管理 API 版本导入了某个 API,validate-headers 策略可能不起作用。If you imported an API using a management API version prior to 2021-01-01-preview, the validate-headers policy might not work. 可能需要使用管理 API 版本 2021-01-01-preview 或更高版本重新导入该 API。You may need to reimport your API using management API version 2021-01-01-preview or later.

策略语句Policy statement

<validate-headers specified-header-action="ignore|prevent|detect" unspecified-header-action="ignore|prevent|detect" errors-variable-name="variable name">
    <header name="header name" action="ignore|prevent|detect" />
</validate-headers>

示例Example

<validate-headers specified-header-action="ignore" unspecified-header-action="prevent" errors-variable-name="responseHeadersValidation" />

元素Elements

名称Name 说明Description 必需Required
validate-headersvalidate-headers 根元素。Root element. 针对响应中的所有头指定默认验证操作。Specifies default validation actions for all headers in responses. Yes
标头header 为命名的头添加一个或多个元素可以替代针对响应中的头执行的默认验证操作。Add one or more elements for named headers to override the default validation actions for headers in responses. No

属性Attributes

名称Name 说明Description 必须Required 默认Default
specified-header-actionspecified-header-action 针对 API 架构中指定的响应头执行的操作Action to perform for response headers specified in the API schema. Yes 空值N/A
unspecified-header-actionunspecified-header-action 针对未在 API 架构中指定的响应头执行的操作Action to perform for response headers that are not specified in the API schema. Yes 空值N/A
errors-variable-nameerrors-variable-name context.Variables 中的要将验证错误记录到的变量的名称。Name of the variable in context.Variables to log validation errors to. Yes 空值N/A
namename 要替代其验证操作的头的名称。Name of the header to override validation action for. 此值不区分大小写。This value is case insensitive. Yes 空值N/A
actionaction 针对具有匹配名称的头执行的操作Action to perform for header with the matching name. 如果该头已在 API 架构中指定,此值将替代 validate-headers 元素中的 specified-header-action 值。If the header is specified in the API schema, this value overrides value of specified-header-action in the validate-headers element. 否则,它将替代 validate-headers 元素中的 unspecified-header-action 值。Otherwise, it overrides value of unspecified-header-action in the validate-headers element. Yes 空值N/A

使用情况Usage

此策略可在以下策略范围中使用。This policy can be used in the following policy sections and scopes.

  • 策略节: outbound、on-errorPolicy sections: outbound, on-error

  • 策略范围: 所有范围Policy scopes: all scopes

验证状态代码Validate status code

validate-status-code 策略根据 API 架构验证响应中的 HTTP 状态代码。The validate-status-code policy validates the HTTP status codes in responses against the API schema. 此策略可用于防止泄漏后端错误(可能包含堆栈跟踪)。This policy may be used to prevent leakage of backend errors, which can contain stack traces.

策略语句Policy statement

<validate-status-code unspecified-status-code-action="ignore|prevent|detect" errors-variable-name="variable name">
    <status-code code="HTTP status code number" action="ignore|prevent|detect" />
</validate-status-code>

示例Example

<validate-status-code unspecified-status-code-action="prevent" errors-variable-name="responseStatusCodeValidation" />

元素Elements

名称Name 说明Description 必需Required
validate-status-codevalidate-status-code 根元素。Root element. Yes
status-codestatus-code 为 HTTP 状态代码添加一个或多个元素可以替代针对响应中的状态代码执行的默认验证操作。Add one or more elements for HTTP status codes to override the default validation action for status codes in responses. No

属性Attributes

名称Name 说明Description 必须Required 默认Default
unspecified-status-code-actionunspecified-status-code-action 要对 API 架构中未指定的响应中的 HTTP 状态代码执行的操作Action to perform for HTTP status codes in responses that are not specified in the API schema. Yes 空值N/A
errors-variable-nameerrors-variable-name context.Variables 中的要将验证错误记录到的变量的名称。Name of the variable in context.Variables to log validation errors to. Yes 空值N/A
codecode 要替代其验证操作的 HTTP 状态代码。HTTP status code to override validation action for. Yes 空值N/A
actionaction 要对 API 架构中未指定的匹配状态代码执行的操作Action to perform for the matching status code, which is not specified in the API schema. 如果该状态代码已在 API 架构中指定,此替代将不会生效。If the status code is specified in the API schema, this override does not take effect. Yes 空值N/A

使用情况Usage

此策略可在以下策略范围中使用。This policy can be used in the following policy sections and scopes.

  • 策略节: outbound、on-errorPolicy sections: outbound, on-error

  • 策略范围: 所有范围Policy scopes: all scopes

验证错误Validation errors

下表列出了验证策略的所有可能错误。The following table lists all possible errors of the validation policies.

  • 详细信息 - 可用于调查错误。Details - Can be used to investigate errors. 不应公开共享。Not meant to be shared publicly.
  • 公共响应 - 返回到客户端的错误。Public response - Error returned to the client. 不会泄漏实现详细信息。Does not leak implementation details.
名称Name 类型Type 验证规则Validation rule 详细信息Details 公共响应Public response 操作Action
validate-contentvalidate-content
RequestBodyRequestBody SizeLimitSizeLimit 请求正文的长度为 {size} 个字节,超过了限制({maxSize} 字节)。Request's body is {size} bytes long and it exceeds the configured limit of {maxSize} bytes. 请求正文的长度为 {size} 个字节,超过了限制({maxSize} 字节)。Request's body is {size} bytes long and it exceeds the limit of {maxSize} bytes. detect / preventdetect / prevent
ResponseBodyResponseBody SizeLimitSizeLimit 响应正文的长度为 {size} 个字节,超过了配置的限制({maxSize} 字节)。Response's body is {size} bytes long and it exceeds the configured limit of {maxSize} bytes. 由于发生内部错误,无法处理请求。The request could not be processed due to an internal error. 请与 API 所有者联系。Contact the API owner. detect / preventdetect / prevent
{messageContentType}{messageContentType} RequestBodyRequestBody 未指定Unspecified 不允许未指定的内容类型 {messageContentType}。Unspecified content type {messageContentType} is not allowed. 不允许未指定的内容类型 {messageContentType}。Unspecified content type {messageContentType} is not allowed. detect / preventdetect / prevent
{messageContentType}{messageContentType} ResponseBodyResponseBody 未指定Unspecified 不允许未指定的内容类型 {messageContentType}。Unspecified content type {messageContentType} is not allowed. 由于发生内部错误,无法处理请求。The request could not be processed due to an internal error. 请与 API 所有者联系。Contact the API owner. detect / preventdetect / prevent
ApiSchemaApiSchema API 的架构不存在或无法解析。API's schema does not exist or it could not be resolved. 由于发生内部错误,无法处理请求。The request could not be processed due to an internal error. 请与 API 所有者联系。Contact the API owner. detect / preventdetect / prevent
ApiSchemaApiSchema API 的架构未指定定义。API's schema does not specify definitions. 由于发生内部错误,无法处理请求。The request could not be processed due to an internal error. 请与 API 所有者联系。Contact the API owner. detect / preventdetect / prevent
{messageContentType}{messageContentType} RequestBody / ResponseBodyRequestBody / ResponseBody MissingDefinitionMissingDefinition API 的架构不包含与内容类型 {messageContentType} 关联的定义 {definitionName}。API's schema does not contain definition {definitionName}, which is associated with the content type {messageContentType}. 由于发生内部错误,无法处理请求。The request could not be processed due to an internal error. 请与 API 所有者联系。Contact the API owner. detect / preventdetect / prevent
{messageContentType}{messageContentType} RequestBodyRequestBody IncorrectMessageIncorrectMessage 请求正文不符合与内容类型 {messageContentType} 关联的定义 {definitionName}。Body of the request does not conform to the definition {definitionName}, which is associated with the content type {messageContentType}.

{valError.Message} 行: {valError.LineNumber},位置: {valError.LinePosition}{valError.Message} Line: {valError.LineNumber}, Position: {valError.LinePosition}
请求正文不符合与内容类型 {messageContentType} 关联的定义 {definitionName}。Body of the request does not conform to the definition {definitionName}, which is associated with the content type {messageContentType}.

{valError.Message} 行: {valError.LineNumber},位置: {valError.LinePosition}{valError.Message} Line: {valError.LineNumber}, Position: {valError.LinePosition}
detect / preventdetect / prevent
{messageContentType}{messageContentType} ResponseBodyResponseBody IncorrectMessageIncorrectMessage 响应正文不符合与内容类型 {messageContentType} 关联的定义 {definitionName}。Body of the response does not conform to the definition {definitionName}, which is associated with the content type {messageContentType}.

{valError.Message} 行: {valError.LineNumber},位置: {valError.LinePosition}{valError.Message} Line: {valError.LineNumber}, Position: {valError.LinePosition}
由于发生内部错误,无法处理请求。The request could not be processed due to an internal error. 请与 API 所有者联系。Contact the API owner. detect / preventdetect / prevent
RequestBodyRequestBody ValidationExceptionValidationException 无法验证 {messageContentType} 内容类型的请求正文。Body of the request cannot be validated for the content type {messageContentType}.

{exception details}{exception details}
由于发生内部错误,无法处理请求。The request could not be processed due to an internal error. 请与 API 所有者联系。Contact the API owner. detect / preventdetect / prevent
ResponseBodyResponseBody ValidationExceptionValidationException 无法验证 {messageContentType} 内容类型的响应正文。Body of the response cannot be validated for the content type {messageContentType}.

{exception details}{exception details}
由于发生内部错误,无法处理请求。The request could not be processed due to an internal error. 请与 API 所有者联系。Contact the API owner. detect / preventdetect / prevent
validate-parameter / validate-headersvalidate-parameter / validate-headers
{paramName} / {headerName}{paramName} / {headerName} QueryParameter / PathParameter / RequestHeaderQueryParameter / PathParameter / RequestHeader 未指定Unspecified 不允许未指定的 {path parameter / query parameter / header} {paramName}。Unspecified {path parameter / query parameter / header} {paramName} is not allowed. 不允许未指定的 {path parameter / query parameter / header} {paramName}。Unspecified {path parameter / query parameter / header} {paramName} is not allowed. detect / preventdetect / prevent
{headerName}{headerName} ResponseHeaderResponseHeader 未指定Unspecified 不允许未指定的头 {headerName}。Unspecified header {headerName} is not allowed. 由于发生内部错误,无法处理请求。The request could not be processed due to an internal error. 请与 API 所有者联系。Contact the API owner. detect / preventdetect / prevent
ApiSchemaApiSchema API 的架构不存在或无法解析。API's schema doesn't exist or it couldn't be resolved. 由于发生内部错误,无法处理请求。The request could not be processed due to an internal error. 请与 API 所有者联系。Contact the API owner. detect / preventdetect / prevent
ApiSchemaApiSchema API 架构未指定定义。API schema does not specify definitions. 由于发生内部错误,无法处理请求。The request could not be processed due to an internal error. 请与 API 所有者联系。Contact the API owner. detect / preventdetect / prevent
{paramName}{paramName} QueryParameter / PathParameter / RequestHeader / ResponseHeaderQueryParameter / PathParameter / RequestHeader / ResponseHeader MissingDefinitionMissingDefinition API 的架构不包含与 {query parameter / path parameter / header} {paramName} 关联的定义 {definitionName}。API's schema does not contain definition {definitionName}, which is associated with the {query parameter / path parameter / header} {paramName}. 由于发生内部错误,无法处理请求。The request could not be processed due to an internal error. 请与 API 所有者联系。Contact the API owner. detect / preventdetect / prevent
{paramName}{paramName} QueryParameter / PathParameter / RequestHeaderQueryParameter / PathParameter / RequestHeader IncorrectMessageIncorrectMessage 请求不能包含 {query parameter / path parameter / header} {paramName} 的多个值。Request cannot contain multiple values for the {query parameter / path parameter / header} {paramName}. 请求不能包含 {query parameter / path parameter / header} {paramName} 的多个值。Request cannot contain multiple values for the {query parameter / path parameter / header} {paramName}. detect / preventdetect / prevent
{headerName}{headerName} ResponseHeaderResponseHeader IncorrectMessageIncorrectMessage 响应不能包含头 {headerName} 的多个值。Response cannot contain multiple values for the header {headerName}. 由于发生内部错误,无法处理请求。The request could not be processed due to an internal error. 请与 API 所有者联系。Contact the API owner. detect / preventdetect / prevent
{paramName}{paramName} QueryParameter / PathParameter / RequestHeaderQueryParameter / PathParameter / RequestHeader IncorrectMessageIncorrectMessage {query parameter / path parameter / header} {paramName} 的值不符合定义。Value of the {query parameter / path parameter / header} {paramName} does not conform to the definition.

{valError.Message} 行: {valError.LineNumber},位置: {valError.LinePosition}{valError.Message} Line: {valError.LineNumber}, Position: {valError.LinePosition}
{query parameter / path parameter / header} {paramName} 的值不符合定义。The value of the {query parameter / path parameter / header} {paramName} does not conform to the definition.

{valError.Message} 行: {valError.LineNumber},位置: {valError.LinePosition}{valError.Message} Line: {valError.LineNumber}, Position: {valError.LinePosition}
detect / preventdetect / prevent
{headerName}{headerName} ResponseHeaderResponseHeader IncorrectMessageIncorrectMessage 头 {headerName} 的值不符合定义。Value of the header {headerName} does not conform to the definition.

{valError.Message} 行: {valError.LineNumber},位置: {valError.LinePosition}{valError.Message} Line: {valError.LineNumber}, Position: {valError.LinePosition}
由于发生内部错误,无法处理请求。The request could not be processed due to an internal error. 请与 API 所有者联系。Contact the API owner. detect / preventdetect / prevent
{paramName}{paramName} QueryParameter / PathParameter / RequestHeaderQueryParameter / PathParameter / RequestHeader IncorrectMessageIncorrectMessage 无法根据定义分析 {query parameter / path parameter / header} {paramName} 的值。Value of the {query parameter / path parameter / header} {paramName} cannot be parsed according to the definition.

{ex.Message}{ex.Message}
无法根据定义分析 {query parameter / path parameter / header} {paramName} 的值。Value of the {query parameter / path parameter / header} {paramName} couldn't be parsed according to the definition.

{ex.Message}{ex.Message}
detect / preventdetect / prevent
{headerName}{headerName} ResponseHeaderResponseHeader IncorrectMessageIncorrectMessage 无法根据定义分析头 {headerName} 的值。Value of the header {headerName} couldn't be parsed according to the definition. 由于发生内部错误,无法处理请求。The request could not be processed due to an internal error. 请与 API 所有者联系。Contact the API owner. detect / preventdetect / prevent
{paramName}{paramName} QueryParameter / PathParameter / RequestHeaderQueryParameter / PathParameter / RequestHeader ValidationErrorValidationError 无法验证 {Query parameter / Path parameter / Header} {paramName}。{Query parameter / Path parameter / Header} {paramName} cannot be validated.

{exception details}{exception details}
由于发生内部错误,无法处理请求。The request could not be processed due to an internal error. 请与 API 所有者联系。Contact the API owner. detect / preventdetect / prevent
{headerName}{headerName} ResponseHeaderResponseHeader ValidationErrorValidationError 无法验证头 {headerName}。Header {headerName} cannot be validated.

{exception details}{exception details}
由于发生内部错误,无法处理请求。The request could not be processed due to an internal error. 请与 API 所有者联系。Contact the API owner. detect / preventdetect / prevent
validate-status-codevalidate-status-code
{status-code}{status-code} StatusCodeStatusCode 未指定Unspecified 不允许响应状态代码 {status-code}。Response status code {status-code} is not allowed. 由于发生内部错误,无法处理请求。The request could not be processed due to an internal error. 请与 API 所有者联系。Contact the API owner. detect / preventdetect / prevent

下表列出了验证错误的所有可能原因值以及可能的消息值:The following table lists all the possible Reason values of a validation error along with possible Message values:

原因Reason 消息Message
错误的请求Bad request 针对上下文变量的 {Details},针对客户端的 {Public response}{Details} for context variable, {Public response} for client
不允许响应Response not allowed 针对上下文变量的 {Details},针对客户端的 {Public response}{Details} for context variable, {Public response} for client

后续步骤Next steps

有关使用策略的详细信息,请参阅:For more information about working with policies, see: