-
Notifications
You must be signed in to change notification settings - Fork 136
/
Copy pathprompt-shield-policy.xml
67 lines (67 loc) · 3.26 KB
/
prompt-shield-policy.xml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
<policies>
<inbound>
<set-variable name="SubscriptionKey" value="@(context.Request.Headers.GetValueOrDefault("api-key"))" />
<send-request mode="new" response-variable-name="safetyResponse">
<set-url>@("https://" + context.Request.Headers.GetValueOrDefault("Host") + "/contentsafety/text:shieldPrompt?api-version=2024-02-15-preview")</set-url>
<set-method>POST</set-method>
<set-header name="Ocp-Apim-Subscription-Key" exists-action="override">
<value>@(context.Variables.GetValueOrDefault<string>("SubscriptionKey"))</value>
</set-header>
<set-header name="Content-Type" exists-action="override">
<value>application/json</value>
</set-header>
<set-body>@{
string[] documents = new string[] {};
string[] messages = context.Request.Body.As<JObject>(preserveContent: true)["messages"].Select(m => m.Value<string>("content")).ToArray();
JObject obj = new JObject();
JProperty userProperty = new JProperty("userPrompt", string.Concat(messages));
JProperty documentsProperty = new JProperty("documents", new JArray(documents));
obj.Add(userProperty);
obj.Add(documentsProperty);
return obj.ToString();
}</set-body>
</send-request>
<choose>
<when condition="@(((IResponse)context.Variables["safetyResponse"]).StatusCode == 200)">
<choose>
<when condition="@((bool)((IResponse)context.Variables["safetyResponse"]).Body.As<JObject>()["userPromptAnalysis"]["attackDetected"] == true)">
<!-- Return 401 Unauthorized with http-problem payload -->
<return-response>
<set-status code="400" reason="Bad Request" />
<set-body>@{
var errorResponse = new
{
error = new
{
message = "The prompt was identified as an attack by the Azure AI Content Safety service."
}
};
return JsonConvert.SerializeObject(errorResponse);
}</set-body>
</return-response>
</when>
</choose>
</when>
<otherwise>
<return-response>
<set-status code="500" reason="Internal Server Error" />
</return-response>
</otherwise>
</choose>
<base />
<authentication-managed-identity resource="https://cognitiveservices.azure.com" output-token-variable-name="managed-id-access-token" ignore-error="false" />
<set-header name="Authorization" exists-action="override">
<value>@("Bearer " + (string)context.Variables["managed-id-access-token"])</value>
</set-header>
<set-backend-service backend-id="{backend-id}" />
</inbound>
<backend>
<base />
</backend>
<outbound>
<base />
</outbound>
<on-error>
<base />
</on-error>
</policies>