Options
All
  • Public
  • Public/Protected
  • All
Menu

Namespace AccessRuleCriteria

When defined, the parent challenge would be applied only for the requests that matched all the listed conditions.

Enumerations

Properties

Functions

Properties

condition

condition: Condition

The criteria the access rule and JavaScript Challenge uses to determine if action should be taken on a request.

  • URL_IS: Matches if the concatenation of request URL path and query is identical to the contents of the {@code value} field. URL must start with a {@code /}.
  • URL_IS_NOT: Matches if the concatenation of request URL path and query is not identical to the contents of the {@code value} field. URL must start with a {@code /}.
  • URL_STARTS_WITH: Matches if the concatenation of request URL path and query starts with the contents of the {@code value} field. URL must start with a {@code /}.
  • URL_PART_ENDS_WITH: Matches if the concatenation of request URL path and query ends with the contents of the {@code value} field.
  • URL_PART_CONTAINS: Matches if the concatenation of request URL path and query contains the contents of the {@code value} field.
  • URL_REGEX: Matches if the concatenation of request URL path and query is described by the regular expression in the value field. The value must be a valid regular expression recognized by the PCRE library in Nginx (https://www.pcre.org).
  • URL_DOES_NOT_MATCH_REGEX: Matches if the concatenation of request URL path and query is not described by the regular expression in the {@code value} field. The value must be a valid regular expression recognized by the PCRE library in Nginx (https://www.pcre.org).
  • URL_DOES_NOT_START_WITH: Matches if the concatenation of request URL path and query does not start with the contents of the {@code value} field.
  • URL_PART_DOES_NOT_CONTAIN: Matches if the concatenation of request URL path and query does not contain the contents of the {@code value} field.
  • URL_PART_DOES_NOT_END_WITH: Matches if the concatenation of request URL path and query does not end with the contents of the {@code value} field.
  • IP_IS: Matches if the request originates from one of the IP addresses contained in the defined address list. The {@code value} in this case is string with one or multiple IPs or CIDR notations separated by new line symbol \

    Example:* \"1.1.1.1\

1.1.1.2
1.2.2.1/30"

  • IP_IS_NOT: Matches if the request does not originate from any of the IP addresses contained in the defined address list. The {@code value} in this case is string with one or multiple IPs or CIDR notations separated by new line symbol \

    Example:* \"1.1.1.1\

1.1.1.2
1.2.2.1/30"

  • IP_IN_LIST: Matches if the request originates from one of the IP addresses contained in the referenced address list. The {@code value} in this case is OCID of the address list.
  • IP_NOT_IN_LIST: Matches if the request does not originate from any IP address contained in the referenced address list. The {@code value} field in this case is OCID of the address list.
  • HTTP_HEADER_CONTAINS: The HTTP_HEADER_CONTAINS criteria is defined using a compound value separated by a colon: a header field name and a header field value. {@code host:test.example.com} is an example of a criteria value where {@code host} is the header field name and {@code test.example.com} is the header field value. A request matches when the header field name is a case insensitive match and the header field value is a case insensitive, substring match.

Example: With a criteria value of {@code host:test.example.com}, where {@code host} is the name of the field and {@code test.example.com} is the value of the host field, a request with the header values, {@code Host: www.test.example.com} will match, where as a request with header values of {@code host: www.example.com} or {@code host: test.sub.example.com} will not match.

  • HTTP_METHOD_IS: Matches if the request method is identical to one of the values listed in field. The {@code value} in this case is string with one or multiple HTTP methods separated by new line symbol
    The list of available methods: {@code GET}, {@code HEAD}, {@code POST}, {@code PUT}, {@code DELETE}, {@code CONNECT}, {@code OPTIONS}, {@code TRACE}, {@code PATCH}

    Example:* \"GET\ POST\"

  • HTTP_METHOD_IS_NOT: Matches if the request is not identical to any of the contents of the {@code value} field. The {@code value} in this case is string with one or multiple HTTP methods separated by new line symbol
    The list of available methods: {@code GET}, {@code HEAD}, {@code POST}, {@code PUT}, {@code DELETE}, {@code CONNECT}, {@code OPTIONS}, {@code TRACE}, {@code PATCH}

    Example:* \"GET\ POST\"

  • COUNTRY_IS: Matches if the request originates from one of countries in the {@code value} field. The {@code value} in this case is string with one or multiple countries separated by new line symbol
    Country codes are in ISO 3166-1 alpha-2 format. For a list of codes, see ISO's website.

Example: "AL
DZ
AM"

  • COUNTRY_IS_NOT: Matches if the request does not originate from any of countries in the {@code value} field. The {@code value} in this case is string with one or multiple countries separated by new line symbol
    Country codes are in ISO 3166-1 alpha-2 format. For a list of codes, see ISO's website.

Example: "AL
DZ
AM"

  • USER_AGENT_IS: Matches if the requesting user agent is identical to the contents of the {@code value} field.

Example: {@code Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:35.0) Gecko/20100101 Firefox/35.0}

  • USER_AGENT_IS_NOT: Matches if the requesting user agent is not identical to the contents of the {@code value} field.

Example: {@code Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:35.0) Gecko/20100101 Firefox/35.0}

Optional isCaseSensitive

isCaseSensitive: undefined | false | true

When enabled, the condition will be matched with case-sensitive rules.

value

value: string

The criteria value.

Functions

getDeserializedJsonObj

getJsonObj