Echo Service (/echo)
search cancel

Echo Service (/echo)

book

Article ID: 186849

calendar_today

Updated On: 11-01-2023

Products

CA API Gateway

Issue/Introduction

We received an alert from the security team asking us to remove the /echo API since it can be used to run malicious code running XSS/Javascript.

Before removing it, I would like to know what is it's purpose and can we remove it safely?

 

Environment

Release : 9.X 10.X 11.X

Component : API GTW ENTERPRISE MANAGER

Resolution

The echo service which gets laid down with the portal integration can safely be disabled. It is merely a demo service which can be used to test api proxies and just returns the same payload sent to it.
Powered by Wolken Software