How to Check Content for JID Attacks in PHP
It’s critically important to protect your applications against text-based threats. To that end, in this article I’ll briefly demonstrate an API solution which quickly detects JSON Insecure Deserialization (JID) attacks from text input. The API response contains a Boolean indicating whether a particular string was a JID threat, making it easy to block malicious attempts targeting your JSON parser.
To take advantage of this API, you can copy the ready-to-run PHP code examples provided below (you’ll also need a free-tier API key, which you can get by registering a free account on our website).
To install the SDK, run the following command:
composer require cloudmersive/cloudmersive_security_api_client
With installation complete, configure your input string and API key in the following code:
<?php
require_once(__DIR__ . '/vendor/autoload.php');
// Configure API key authorization: Apikey
$config = Swagger\Client\Configuration::getDefaultConfiguration()->setApiKey('Apikey', 'YOUR_API_KEY');
$apiInstance = new Swagger\Client\Api\ContentThreatDetectionApi(
    new GuzzleHttp\Client(),
    $config
);
$value = "value_example"; // string | User-facing text input.
try {
    $result = $apiInstance->contentThreatDetectionDetectInsecureDeserializationJsonString($value);
    print_r($result);
} catch (Exception $e) {
    echo 'Exception when calling ContentThreatDetectionApi->contentThreatDetectionDetectInsecureDeserializationJsonString: ', $e->getMessage(), PHP_EOL;
}
?>
Simple and easy!
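One way to act on the Boolean verdict is to gate `json_decode` behind it and refuse to parse when the check itself fails. The following is an added example, not code from the SDK or from this article's original listing; `decodeIfSafe`, the stub detector, the marker string, and the size and depth limits are all assumptions made for illustration.

```php
<?php
declare(strict_types=1);

/**
 * Decode JSON only after the threat check passes (fail closed).
 * $detector is a hypothetical callable: string -> bool, true meaning "JID threat".
 * In production it would wrap the SDK call shown in the article and return
 * the Boolean from the API response.
 */
function decodeIfSafe(string $raw, callable $detector, int $maxBytes = 65536): array
{
    // Reject oversized input before spending an API call on it.
    if (strlen($raw) > $maxBytes) {
        return ['ok' => false, 'reason' => 'too_large', 'data' => null];
    }
    try {
        $isThreat = (bool) $detector($raw);
    } catch (Throwable $e) {
        // Check unavailable (network error, bad key, quota): do not parse.
        return ['ok' => false, 'reason' => 'check_failed', 'data' => null];
    }
    if ($isThreat) {
        return ['ok' => false, 'reason' => 'jid_detected', 'data' => null];
    }
    try {
        // Plain arrays only, bounded nesting depth, exceptions on bad JSON.
        $data = json_decode($raw, true, 32, JSON_THROW_ON_ERROR);
    } catch (JsonException $e) {
        return ['ok' => false, 'reason' => 'invalid_json', 'data' => null];
    }
    return ['ok' => true, 'reason' => null, 'data' => $data];
}

// Constructed stand-in for the API so the example runs offline.
// The marker rule below is a placeholder, not the API's detection logic.
$stubDetector = function (string $s): bool {
    if ($s === 'SIMULATE_OUTAGE') {
        throw new RuntimeException('API unreachable');
    }
    return strpos($s, 'CONSTRUCTED_THREAT_MARKER') !== false;
};

// Constructed sample inputs: clean, flagged, detector failure, malformed JSON.
$samples = ['{"user":"alice","qty":2}', '{"note":"CONSTRUCTED_THREAT_MARKER"}', 'SIMULATE_OUTAGE', '{"broken":'];
foreach ($samples as $s) {
    $r = decodeIfSafe($s, $stubDetector);
    echo $r['ok'] ? 'parsed' : 'blocked: ' . $r['reason'], PHP_EOL;
}
```

Returning a reason code alongside the verdict lets the caller log blocked requests separately from detector outages, which are worth alerting on.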