Denying the Use of Parameters in URI Paths for Better Security

I’m new to PowerShell Universal so forgive me if this is a dumb question. However, in addition to sanitizing client-site inputs and server-side outputs, I also want to tightly control parameters in the URI path. Specifically, deny the request if anything other than a single parameter is used. According to the documentation, if I Invoke-RestMethod to, PowerShell Universal will automatically put “foo” as a variable with “bar” as the value. Since there’s never a reason a client should ever use “foo” as a parameter (nor anything else), how can I key of of query parameters to send back a 403? I’m also concerned about the client possibly overwriting existing variables even if for a second.

Basically, anyone know of a way I can see the full URI path to see the parameters the clients specified? I see variables “UrlDefinition” and “Url” but they don’t contain any parameters to key off of. There is MyInvocation that seems to have it but it’s kludgy to key off of.

Thank you in advance to anyone for your time - really appreciate it.

Product: PowerShell Universal
Version: 3.7.1
1 Like