Invalid XML Map Expressions in Azure VM due to Amazon WAF



When you edit an expression in the XML Map connector, a built-in script validator refreshes dynamically as you type.

The editor will not let you commit an invalid expression until it is corrected.

There are cases where the XML Map connector evaluates an expression as invalid even though it should be valid. One common example is an expression containing the sequence ../, which an XPath expression uses to reference an element from a parent loop. For example, the mapping below needs to take OrderedPlacedBy from the source file and map it to PurchasedBy in the destination mapping.
Although this is a simple expression, the expression editor may flag it as invalid no matter which variation is tried, which prevents you from saving it in the mapping until it validates.

Checking the Network tab in Google Chrome DevTools, you may see a failed request to the validateExpression.rsb endpoint. This is an internal resource the application uses to validate the expression, and the 403 Forbidden response means the request is being blocked before it reaches the application.
The request is being blocked by AWS WAF, specifically by the GenericLFI_BODY rule in the AWS managed Core rule set (AWSManagedRulesCommonRuleSet). That rule is intended to detect Local File Inclusion (LFI) exploits in the request body, including path traversal attempts that use sequences such as ../../. Because the XPath expression carries ../ in the POST body sent to validateExpression.rsb, the WAF cannot tell it apart from a traversal payload and blocks the request.

Disabling that rule allows the validateExpression.rsb endpoint to be reached and the expression to validate. Keep in mind that this also removes the LFI body check for every request the WAF inspects. A narrower fix is to override only the GenericLFI_BODY rule (for example, set its action to Count) instead of turning off the whole rule group, and to keep blocking on that rule's match for every URI path other than the expression validator.
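The following AWS WAF web ACL rule definitions (wafv2 JSON) are an added example and are not configuration from the original post or from the application vendor. They show the narrower override: the managed Core rule set stays in its normal mode, GenericLFI_BODY is overridden to Count so it only labels and counts matching requests, and a custom rule evaluated after it blocks on that label unless the URI path ends in validateExpression.rsb. The label key awswaf:managed:aws:core-rule-set:GenericLFI_Body follows the Core rule set's label naming convention; confirm it against the AWS documentation for your rule group version before deploying, and adjust the path match and metric names to your deployment.

```json
[
  {
    "Name": "AWS-AWSManagedRulesCommonRuleSet",
    "Priority": 0,
    "Statement": {
      "ManagedRuleGroupStatement": {
        "VendorName": "AWS",
        "Name": "AWSManagedRulesCommonRuleSet",
        "RuleActionOverrides": [
          {
            "Name": "GenericLFI_BODY",
            "ActionToUse": { "Count": {} }
          }
        ]
      }
    },
    "OverrideAction": { "None": {} },
    "VisibilityConfig": {
      "SampledRequestsEnabled": true,
      "CloudWatchMetricsEnabled": true,
      "MetricName": "CommonRuleSet"
    }
  },
  {
    "Name": "Block-LFI-Body-Except-Expression-Validator",
    "Priority": 1,
    "Statement": {
      "AndStatement": {
        "Statements": [
          {
            "LabelMatchStatement": {
              "Scope": "LABEL",
              "Key": "awswaf:managed:aws:core-rule-set:GenericLFI_Body"
            }
          },
          {
            "NotStatement": {
              "Statement": {
                "ByteMatchStatement": {
                  "FieldToMatch": { "UriPath": {} },
                  "PositionalConstraint": "ENDS_WITH",
                  "SearchString": "validateExpression.rsb",
                  "TextTransformations": [
                    { "Priority": 0, "Type": "NONE" }
                  ]
                }
              }
            }
          }
        ]
      }
    },
    "Action": { "Block": {} },
    "VisibilityConfig": {
      "SampledRequestsEnabled": true,
      "CloudWatchMetricsEnabled": true,
      "MetricName": "LFIBodyExceptValidator"
    }
  }
]
```

The custom rule must have a higher Priority number than the managed rule group so that the label already exists when it is evaluated. With this layout the LFI body check is still enforced for the rest of the site, and because the overridden rule uses Count rather than being removed, CloudWatch metrics and sampled requests still show what it would have blocked on the validator path.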

