[NGINX App Protect] Override-rules schema mismatch: override documented as string but examples use object (Invalid Policy error) #1689
Description
Describe the bug
There is an inconsistency between the documented schema ( https://docs.nginx.com/waf/policies/parameter-reference/#policy/override-rules ) and the official sample JSON for override-rules ( https://docs.nginx.com/waf/policies/override-rules/ )
The documentation states that the override attribute is of type string, but the official sample policy provided on the same page uses override as a JSON object.
When the documented sample policy is used in NGINX Instance Manager, the policy fails validation and cannot be saved.
To reproduce
- Open the documentation page:
https://docs.nginx.com/waf/policies/override-rules/ - Copy the official sample policy JSON that contains
override-rules - Paste the policy into NGINX Instance Manager
- Attempt to save the policy
Expected behavior
The official sample policy from the documentation should be valid and accepted by NGINX Instance Manager.
Actual behavior
NGINX Instance Manager rejects the policy with the following error:
"Invalid Policy
The policy could not be saved. Please fix all issues in the policy JSON and try again."
Relevant documentation
https://docs.nginx.com/waf/policies/parameter-reference/#policy/override-rules
The documentation defines:
override| string | The overriding security policy definition |
However, the https://docs.nginx.com/waf/policies/override-rules/ page provides sample JSON that defines override as an object:
"override": {
"policy": {
"enforcementMode": "transparent"
}
}