diff --git a/examples/example.tf b/examples/example.tf index 8e12c451..542cb037 100644 --- a/examples/example.tf +++ b/examples/example.tf @@ -398,7 +398,6 @@ resource "incapsula_security_rule_exception" "example-waf-backdoor-rule-exceptio countries = "JM,US" continents = "NA,AF" ips = "1.2.3.6,1.2.3.7" - url_patterns = "EQUALS,CONTAINS" urls = "/myurl,/myurl2" user_agents = "myUserAgent" parameters = "myparam" @@ -418,7 +417,6 @@ resource "incapsula_security_rule_exception" "example-waf-bot_access-control-rul rule_id = "api.threats.bot_access_control" client_app_types = "DataScraper," ips = "1.2.3.6,1.2.3.7" - url_patterns = "EQUALS,CONTAINS" urls = "/myurl,/myurl2" user_agents = "myUserAgent" } @@ -437,7 +435,6 @@ resource "incapsula_security_rule_exception" "example-waf-cross-site-scripting-r client_apps = "488,123" countries = "JM,US" continents = "NA,AF" - url_patterns = "EQUALS,CONTAINS" urls = "/myurl,/myurl2" parameters = "myparam" } @@ -460,7 +457,6 @@ resource "incapsula_security_rule_exception" "example-waf-ddos-rule-exception" { countries = "JM,US" continents = "NA,AF" ips = "1.2.3.6,1.2.3.7" - url_patterns = "EQUALS,CONTAINS" urls = "/myurl,/myurl2" } @@ -479,7 +475,6 @@ resource "incapsula_security_rule_exception" "example-waf-illegal-resource-acces countries = "JM,US" continents = "NA,AF" ips = "1.2.3.6,1.2.3.7" - url_patterns = "EQUALS,CONTAINS" urls = "/myurl,/myurl2" parameters = "myparam" } @@ -499,7 +494,6 @@ resource "incapsula_security_rule_exception" "example-waf-remote-file-inclusion- countries = "JM,US" continents = "NA,AF" ips = "1.2.3.6,1.2.3.7" - url_patterns = "EQUALS,CONTAINS" urls = "/myurl,/myurl2" user_agents = "myUserAgent" parameters = "myparam" @@ -520,7 +514,6 @@ resource "incapsula_security_rule_exception" "example-waf-sql-injection-rule-exc countries = "JM,US" continents = "NA,AF" ips = "1.2.3.6,1.2.3.7" - url_patterns = "EQUALS,CONTAINS" urls = "/myurl,/myurl2" } diff --git a/examples/security_rules.tf b/examples/security_rules.tf index 48df0d81..79ba767b 100644 --- a/examples/security_rules.tf +++ b/examples/security_rules.tf @@ -82,50 +82,6 @@ resource "incapsula_waf_security_rule" "example-waf-ddos-rule" { block_non_essential_bots = "false" } -#################################################################### -# Security Rules (ACLs) -#################################################################### - -# Security Rule: Country -resource "incapsula_acl_security_rule" "example-global-blacklist-country-rule" { - site_id = incapsula_site.example-site.id - rule_id = "api.acl.blacklisted_countries" - countries = "AI,AN" -} - -# Security Rule: Blacklist IP -resource "incapsula_acl_security_rule" "example-global-blacklist-ip-rule" { - site_id = incapsula_site.example-site.id - rule_id = "api.acl.blacklisted_ips" - ips = "192.168.1.1,192.168.1.2" -} - -# Security Rule: Blacklist IP Exception -resource "incapsula_acl_security_rule" "example-global-blacklist-ip-rule_exception" { - rule_id = "api.acl.blacklisted_ips" - site_id = incapsula_site.example-site.id - ips = "192.168.1.1,192.168.1.2" - urls = "/myurl,/myurl2" - url_patterns = "EQUALS,CONTAINS" - countries = "JM,US" - client_apps = "488,123" -} - -# Security Rule: URL -resource "incapsula_acl_security_rule" "example-global-blacklist-url-rule" { - rule_id = "api.acl.blacklisted_urls" - site_id = incapsula_site.example-site.id - url_patterns = "CONTAINS,EQUALS" - urls = "/alpha,/bravo" -} - -# Security Rule: Whitelist IP -resource "incapsula_acl_security_rule" "example-global-whitelist-ip-rule" { - rule_id = "api.acl.whitelisted_ips" - site_id = incapsula_site.example-site.id - ips = "192.168.1.3,192.168.1.4" -} - #################################################################### # Incap Rules #################################################################### diff --git a/incapsula/client_security_rule_exception.go b/incapsula/client_security_rule_exception.go index b2084c02..90e8cf3e 100644 --- a/incapsula/client_security_rule_exception.go +++ b/incapsula/client_security_rule_exception.go @@ -7,7 +7,6 @@ import ( "log" "net/url" "strconv" - "strings" ) // Endpoints (unexported consts) @@ -18,17 +17,17 @@ const endpointExceptionList = "sites/status" // NOTE: no exceptions for whitelistedIPsExceptionRuleId var securityRuleExceptionParamMapping = map[string][]string{ // ACL RuleIDs - blacklistedCountriesExceptionRuleID: {"client_app_types", "ips", "url_patterns", "urls"}, - blacklistedIPsExceptionRuleID: {"client_apps", "countries", "continents", "ips", "url_patterns", "urls"}, - blacklistedURLsExceptionRuleID: {"client_apps", "countries", "continents", "ips", "url_patterns", "urls"}, + blacklistedCountriesExceptionRuleID: {"client_app_types", "ips", "urls"}, + blacklistedIPsExceptionRuleID: {"client_apps", "countries", "continents", "ips", "urls"}, + blacklistedURLsExceptionRuleID: {"client_apps", "countries", "continents", "ips", "urls"}, // WAF RuleIDs - backdoorExceptionRuleID: {"client_apps", "countries", "continents", "ips", "url_patterns", "urls", "user_agents", "parameters"}, - botAccessControlExceptionRuleID: {"client_app_types", "ips", "url_patterns", "urls", "user_agents"}, - crossSiteScriptingExceptionRuleID: {"client_apps", "countries", "continents", "url_patterns", "urls", "parameters"}, - ddosExceptionRuleID: {"client_apps", "countries", "continents", "ips", "url_patterns", "urls"}, - illegalResourceAccessExceptionRuleID: {"client_apps", "countries", "continents", "ips", "url_patterns", "urls", "parameters"}, - remoteFileInclusionExceptionRuleID: {"client_apps", "countries", "continents", "ips", "url_patterns", "urls", "user_agents", "parameters"}, - sqlInjectionExceptionRuleID: {"client_apps", "countries", "continents", "ips", "url_patterns", "urls", "parameters"}, + backdoorExceptionRuleID: {"client_apps", "countries", "continents", "ips", "urls", "user_agents", "parameters"}, + botAccessControlExceptionRuleID: {"client_app_types", "ips", "urls", "user_agents"}, + crossSiteScriptingExceptionRuleID: {"client_apps", "countries", "continents", "urls", "parameters"}, + ddosExceptionRuleID: {"client_apps", "countries", "continents", "ips", "urls"}, + illegalResourceAccessExceptionRuleID: {"client_apps", "countries", "continents", "ips", "urls", "parameters"}, + remoteFileInclusionExceptionRuleID: {"client_apps", "countries", "continents", "ips", "urls", "user_agents", "parameters"}, + sqlInjectionExceptionRuleID: {"client_apps", "countries", "continents", "ips", "urls", "parameters"}, } // SecurityRuleExceptionCreateResponse provides exception_id of rule exception @@ -39,7 +38,7 @@ type SecurityRuleExceptionCreateResponse struct { } // AddSecurityRuleException adds a security rule exception -func (c *Client) AddSecurityRuleException(siteID int, ruleID, clientAppTypes, clientApps, countries, continents, ips, urlPatterns, urls, userAgents, parameters string) (*SecurityRuleExceptionCreateResponse, error) { +func (c *Client) AddSecurityRuleException(siteID int, ruleID, clientAppTypes, clientApps, countries, continents, ips, urls, userAgents, parameters string) (*SecurityRuleExceptionCreateResponse, error) { // Base URL values values := url.Values{ "site_id": {strconv.Itoa(siteID)}, @@ -49,11 +48,6 @@ func (c *Client) AddSecurityRuleException(siteID int, ruleID, clientAppTypes, cl log.Printf("[INFO] Adding new security rule exception for rule_id (%s) for site id (%d)\n", ruleID, siteID) - err := validateListSizes(urlPatterns, urls) - if err != nil { - return nil, err - } - // Check to see if ruleID is correct, then iterate rule specific parameters if ruleParams, ok := securityRuleExceptionParamMapping[ruleID]; ok { for i := 0; i < len(ruleParams); i++ { @@ -71,8 +65,6 @@ func (c *Client) AddSecurityRuleException(siteID int, ruleID, clientAppTypes, cl values.Add("ips", ips) } else if param == "parameters" && parameters != "" { values.Add("parameters", parameters) - } else if param == "url_patterns" && urlPatterns != "" { - values.Add("url_patterns", urlPatterns) } else if param == "urls" && urls != "" { values.Add("urls", urls) } else if param == "user_agents" && userAgents != "" { @@ -113,7 +105,7 @@ func (c *Client) AddSecurityRuleException(siteID int, ruleID, clientAppTypes, cl } // EditSecurityRuleException edits a security rule exception -func (c *Client) EditSecurityRuleException(siteID int, ruleID, clientAppTypes, clientApps, countries, continents, ips, urlPatterns, urls, userAgents, parameters, whitelistID string) (*SiteStatusResponse, error) { +func (c *Client) EditSecurityRuleException(siteID int, ruleID, clientAppTypes, clientApps, countries, continents, ips, urls, userAgents, parameters, whitelistID string) (*SiteStatusResponse, error) { // Base URL values values := url.Values{ "site_id": {strconv.Itoa(siteID)}, @@ -123,11 +115,6 @@ func (c *Client) EditSecurityRuleException(siteID int, ruleID, clientAppTypes, c log.Printf("[INFO] Updating existing security rule exception for rule_id (%s) whitelist_id (%s) for site_id (%d)\n", ruleID, whitelistID, siteID) - err := validateListSizes(urlPatterns, urls) - if err != nil { - return nil, err - } - // Check to see if ruleID is correct, then iterate rule specific parameters if ruleParams, ok := securityRuleExceptionParamMapping[ruleID]; ok { for i := 0; i < len(ruleParams); i++ { @@ -145,8 +132,6 @@ func (c *Client) EditSecurityRuleException(siteID int, ruleID, clientAppTypes, c values.Add("ips", ips) } else if param == "parameters" && parameters != "" { values.Add("parameters", parameters) - } else if param == "url_patterns" && urlPatterns != "" { - values.Add("url_patterns", urlPatterns) } else if param == "urls" && urls != "" { values.Add("urls", urls) } else if param == "user_agents" && userAgents != "" { @@ -284,14 +269,3 @@ func (c *Client) DeleteSecurityRuleException(siteID int, ruleID, whitelistID str return nil } - -func validateListSizes(urlPatterns, urls string) error { - urlPatternsList := strings.Split(urlPatterns, ",") - urlsList := strings.Split(urls, ",") - - if len(urlPatternsList) != len(urlsList) { - return fmt.Errorf("error: url_patterns and urls lists do not have the same number of elements") - } - - return nil -} diff --git a/incapsula/client_security_rule_exception_test.go b/incapsula/client_security_rule_exception_test.go index fe64dc11..1cd76f6d 100644 --- a/incapsula/client_security_rule_exception_test.go +++ b/incapsula/client_security_rule_exception_test.go @@ -21,7 +21,7 @@ func TestClientAddSecurityRuleExceptionBadConnection(t *testing.T) { client := &Client{config: config, httpClient: &http.Client{Timeout: time.Millisecond * 1}} siteID := 1234 ruleID := "api.threats.backdoor" - addSecurityRuleExceptionResponse, err := client.AddSecurityRuleException(siteID, ruleID, "", "", "", "", "", "", "", "", "") + addSecurityRuleExceptionResponse, err := client.AddSecurityRuleException(siteID, ruleID, "", "", "", "", "", "", "", "") if err == nil { t.Errorf("Should have received an error") } @@ -48,7 +48,7 @@ func TestClientAddSecurityRuleExceptionBadJSON(t *testing.T) { client := &Client{config: config, httpClient: &http.Client{}} siteID := 1234 ruleID := "api.threats.backdoor" - addSecurityRuleExceptionResponse, err := client.AddSecurityRuleException(siteID, ruleID, "", "", "", "", "", "", "", "", "") + addSecurityRuleExceptionResponse, err := client.AddSecurityRuleException(siteID, ruleID, "", "", "", "", "", "", "", "") if err == nil { t.Errorf("Should have received an error") } @@ -75,7 +75,7 @@ func TestClientAddSecurityRuleExceptionInvalidRuleID(t *testing.T) { client := &Client{config: config, httpClient: &http.Client{}} siteID := 1234 ruleID := "bad_rule_id" - addSecurityRuleExceptionResponse, err := client.AddSecurityRuleException(siteID, ruleID, "", "", "", "AN,AS", "", "", "", "", "") + addSecurityRuleExceptionResponse, err := client.AddSecurityRuleException(siteID, ruleID, "", "", "", "AN,AS", "", "", "", "") if err == nil { t.Errorf("Should have received an error") } @@ -103,7 +103,7 @@ func TestClientAddSecurityRuleExceptionInvalidParam(t *testing.T) { siteID := 1234 ruleID := "api.threats.backdoor" badIps := "1234" - addSecurityRuleExceptionResponse, err := client.AddSecurityRuleException(siteID, ruleID, "", "", "", "", badIps, "", "", "", "") + addSecurityRuleExceptionResponse, err := client.AddSecurityRuleException(siteID, ruleID, "", "", "", "", badIps, "", "", "") if err == nil { t.Errorf("Should have received an error") } @@ -126,7 +126,7 @@ func TestClientEditSecurityRuleExceptionBadConnection(t *testing.T) { client := &Client{config: config, httpClient: &http.Client{Timeout: time.Millisecond * 1}} siteID := 1234 ruleID := "api.threats.backdoor" - editSecurityRuleExceptionResponse, err := client.EditSecurityRuleException(siteID, ruleID, "", "", "", "", "", "", "", "", "", "") + editSecurityRuleExceptionResponse, err := client.EditSecurityRuleException(siteID, ruleID, "", "", "", "", "", "", "", "", "") if err == nil { t.Errorf("Should have received an error") } @@ -153,7 +153,7 @@ func TestClientEditecurityRuleExceptionBadJSON(t *testing.T) { client := &Client{config: config, httpClient: &http.Client{}} siteID := 1234 ruleID := "api.threats.backdoor" - editSecurityRuleExceptionResponse, err := client.EditSecurityRuleException(siteID, ruleID, "", "", "", "", "", "", "", "", "", "") + editSecurityRuleExceptionResponse, err := client.EditSecurityRuleException(siteID, ruleID, "", "", "", "", "", "", "", "", "") if err == nil { t.Errorf("Should have received an error") } @@ -180,7 +180,7 @@ func TestClientEditSecurityRuleExceptionInvalidRuleID(t *testing.T) { client := &Client{config: config, httpClient: &http.Client{}} siteID := 1234 ruleID := "bad_rule_id" - editSecurityRuleExceptionResponse, err := client.EditSecurityRuleException(siteID, ruleID, "", "", "", "", "", "", "", "", "", "") + editSecurityRuleExceptionResponse, err := client.EditSecurityRuleException(siteID, ruleID, "", "", "", "", "", "", "", "", "") if err == nil { t.Errorf("Should have received an error") } @@ -209,7 +209,7 @@ func TestClientEditSecurityRuleExceptionInvalidWhitelistID(t *testing.T) { ruleID := "api.threats.backdoor" badIps := "1.2.3.4,1.2.4" badWhitelistID := "1234" - editSecurityRuleExceptionResponse, err := client.EditSecurityRuleException(siteID, ruleID, "", "", "", "", badIps, "", "", "", "", badWhitelistID) + editSecurityRuleExceptionResponse, err := client.EditSecurityRuleException(siteID, ruleID, "", "", "", "", badIps, "", "", "", badWhitelistID) if err == nil { t.Errorf("Should have received an error") } @@ -237,7 +237,7 @@ func TestClientEditSecurityRuleExceptionInvalidParam(t *testing.T) { siteID := 1234 ruleID := "api.threats.backdoor" badIps := "1234" - editSecurityRuleExceptionResponse, err := client.EditSecurityRuleException(siteID, ruleID, "", "", "", "", badIps, "", "", "", "", "") + editSecurityRuleExceptionResponse, err := client.EditSecurityRuleException(siteID, ruleID, "", "", "", "", badIps, "", "", "", "") if err == nil { t.Errorf("Should have received an error") } diff --git a/incapsula/resource_security_rule_exception.go b/incapsula/resource_security_rule_exception.go index a301cc11..dd5c83d5 100644 --- a/incapsula/resource_security_rule_exception.go +++ b/incapsula/resource_security_rule_exception.go @@ -110,6 +110,7 @@ func resourceSecurityRuleException() *schema.Resource { Description: "A comma separated list of url patterns. One of: contains | equals | prefix | suffix | not_equals | not_contain | not_prefix | not_suffix. The patterns should be in accordance with the matching urls sent by the urls parameter.", Type: schema.TypeString, Optional: true, + Deprecated: "This parameter will be deprecated in the next major release. EQUALS is the only supported pattern.", DiffSuppressFunc: suppressEquivalentStringDiffs, }, "urls": { @@ -158,7 +159,6 @@ func resourceSecurityRuleExceptionCreate(d *schema.ResourceData, m interface{}) d.Get("countries").(string), d.Get("continents").(string), d.Get("ips").(string), - d.Get("url_patterns").(string), d.Get("urls").(string), d.Get("user_agents").(string), d.Get("parameters").(string), @@ -230,7 +230,6 @@ func resourceSecurityRuleExceptionRead(d *schema.ResourceData, m interface{}) er urlList = append(urlList, url.Value) urlPatternList = append(urlPatternList, url.Pattern) } - d.Set("url_patterns", strings.Join(urlPatternList, ",")) d.Set("urls", strings.Join(urlList, ",")) case exceptionTypeCountry: d.Set("countries", strings.Join(value.Geo.Countries, ",")) @@ -286,7 +285,6 @@ func resourceSecurityRuleExceptionUpdate(d *schema.ResourceData, m interface{}) "", "", d.Get("ips").(string), - d.Get("url_patterns").(string), d.Get("urls").(string), "", "", @@ -305,7 +303,6 @@ func resourceSecurityRuleExceptionUpdate(d *schema.ResourceData, m interface{}) d.Get("countries").(string), d.Get("continents").(string), d.Get("ips").(string), - d.Get("url_patterns").(string), d.Get("urls").(string), "", "", @@ -324,7 +321,6 @@ func resourceSecurityRuleExceptionUpdate(d *schema.ResourceData, m interface{}) d.Get("countries").(string), d.Get("continents").(string), d.Get("ips").(string), - d.Get("url_patterns").(string), d.Get("urls").(string), "", "", @@ -343,7 +339,6 @@ func resourceSecurityRuleExceptionUpdate(d *schema.ResourceData, m interface{}) d.Get("countries").(string), d.Get("continents").(string), d.Get("ips").(string), - d.Get("url_patterns").(string), d.Get("urls").(string), d.Get("user_agents").(string), d.Get("parameters").(string), @@ -362,7 +357,6 @@ func resourceSecurityRuleExceptionUpdate(d *schema.ResourceData, m interface{}) "", "", d.Get("ips").(string), - d.Get("url_patterns").(string), d.Get("urls").(string), d.Get("user_agents").(string), "", @@ -381,7 +375,6 @@ func resourceSecurityRuleExceptionUpdate(d *schema.ResourceData, m interface{}) d.Get("countries").(string), d.Get("continents").(string), "", - d.Get("url_patterns").(string), d.Get("urls").(string), "", d.Get("parameters").(string), @@ -400,7 +393,6 @@ func resourceSecurityRuleExceptionUpdate(d *schema.ResourceData, m interface{}) d.Get("countries").(string), d.Get("continents").(string), d.Get("ips").(string), - d.Get("url_patterns").(string), d.Get("urls").(string), "", "", @@ -419,7 +411,6 @@ func resourceSecurityRuleExceptionUpdate(d *schema.ResourceData, m interface{}) d.Get("countries").(string), d.Get("continents").(string), d.Get("ips").(string), - d.Get("url_patterns").(string), d.Get("urls").(string), "", d.Get("parameters").(string), @@ -438,7 +429,6 @@ func resourceSecurityRuleExceptionUpdate(d *schema.ResourceData, m interface{}) d.Get("countries").(string), d.Get("continents").(string), d.Get("ips").(string), - d.Get("url_patterns").(string), d.Get("urls").(string), d.Get("user_agents").(string), d.Get("parameters").(string), @@ -457,7 +447,6 @@ func resourceSecurityRuleExceptionUpdate(d *schema.ResourceData, m interface{}) d.Get("countries").(string), d.Get("continents").(string), d.Get("ips").(string), - d.Get("url_patterns").(string), d.Get("urls").(string), "", d.Get("parameters").(string), diff --git a/incapsula/resource_security_rule_exception_test.go b/incapsula/resource_security_rule_exception_test.go index 1c432262..c44e333e 100644 --- a/incapsula/resource_security_rule_exception_test.go +++ b/incapsula/resource_security_rule_exception_test.go @@ -164,7 +164,6 @@ resource "incapsula_security_rule_exception" "example-waf-blacklisted-countries- rule_id = "api.acl.blacklisted_countries" client_app_types="DataScraper," ips="1.2.3.6,1.2.3.7" - url_patterns="EQUALS,CONTAINS" urls="/myurl,/myurl2" }`, securityRuleExceptionResourceNameBlacklistedCountries, ) @@ -178,7 +177,6 @@ resource "incapsula_security_rule_exception" "example-waf-blacklisted-countries- rule_id = "bad_rule_id" client_app_types="DataScraper," ips="1.2.3.6,1.2.3.7" - url_patterns="EQUALS,CONTAINS" urls="/myurl,/myurl2" }`, securityRuleExceptionResourceNameBlacklistedCountries, ) @@ -191,7 +189,6 @@ resource "incapsula_security_rule_exception" "example-waf-blacklisted-countries- rule_id = "api.acl.blacklisted_countries" client_app_types="DataScraper," ips="1.2.3.6,1.2.3." - url_patterns="EQUALS,CONTAINS" urls="/myurl,myurl2" }`, securityRuleExceptionResourceNameBlacklistedCountries, ) diff --git a/website/docs/r/security_rule_exception.html.markdown b/website/docs/r/security_rule_exception.html.markdown index b030e965..aefe2c6d 100644 --- a/website/docs/r/security_rule_exception.html.markdown +++ b/website/docs/r/security_rule_exception.html.markdown @@ -20,7 +20,6 @@ resource "incapsula_security_rule_exception" "example-waf-backdoor-rule-exceptio countries="JM,US" continents="NA,AF" ips="1.2.3.6,1.2.3.7" - url_patterns="EQUALS,CONTAINS" urls="/myurl,/myurl2" user_agents="myUserAgent" parameters="myparam" @@ -31,7 +30,6 @@ resource "incapsula_security_rule_exception" "example-waf-bot_access-control-rul rule_id = "api.threats.bot_access_control" client_app_types="DataScraper," ips="1.2.3.6,1.2.3.7" - url_patterns="EQUALS,CONTAINS" urls="/myurl,/myurl2" user_agents="myUserAgent" } @@ -42,7 +40,6 @@ resource "incapsula_security_rule_exception" "example-waf-cross-site-scripting-r client_apps="488,123" countries="JM,US" continents="NA,AF" - url_patterns="EQUALS,CONTAINS" urls="/myurl,/myurl2" parameters="myparam" } @@ -54,7 +51,6 @@ resource "incapsula_security_rule_exception" "example-waf-ddos-rule-exception" { countries="JM,US" continents="NA,AF" ips="1.2.3.6,1.2.3.7" - url_patterns="EQUALS,CONTAINS" urls="/myurl,/myurl2" } @@ -65,7 +61,6 @@ resource "incapsula_security_rule_exception" "example-waf-illegal-resource-acces countries="JM,US" continents="NA,AF" ips="1.2.3.6,1.2.3.7" - url_patterns="EQUALS,CONTAINS" urls="/myurl,/myurl2" parameters="myparam" } @@ -77,7 +72,6 @@ resource "incapsula_security_rule_exception" "example-waf-remote-file-inclusion- countries="JM,US" continents="NA,AF" ips="1.2.3.6,1.2.3.7" - url_patterns="EQUALS,CONTAINS" urls="/myurl,/myurl2" user_agents="myUserAgent" parameters="myparam" @@ -90,7 +84,6 @@ resource "incapsula_security_rule_exception" "example-waf-sql-injection-rule-exc countries="JM,US" continents="NA,AF" ips="1.2.3.6,1.2.3.7" - url_patterns="EQUALS,CONTAINS" urls="/myurl,/myurl2" } ``` @@ -107,8 +100,7 @@ At least one Optional argument is required. * `countries` - (Optional) A comma separated list of country codes. * `continents` - (Optional) A comma separated list of continent codes. * `ips=` - (Optional) A comma separated list of IPs or IP ranges, e.g: 192.168.1.1, 192.168.1.1-192.168.1.100 or 192.168.1.1/24 -* `urls=` - (Optional) A comma separated list of resource paths. For example, /home and /admin/index.html are resource paths, while http://www.example.com/home is not. Each URL should be encoded separately using percent encoding as specified by RFC 3986 (http://tools.ietf.org/html/rfc3986#section-2.1). An empty URL list will remove all URLs. urls="/someurl1,/path/to/my/resource/2.html,/some/url/3". If this argument is used, the url_patterns argument is required. -* `url_patterns` - (Optional) A comma separated list of patterns that correlate to the list of urls. url_patterns are required if you have urls specified, and patterns are applied in the order specified and map literally to the list of urls. Supported values are: contains,equals,prefix,suffix,not_equals,not_contain,not_prefix,not_suffix. Example of how to apply url_patterns to the three urls listed above in order: url_patterns="prefix,equals,prefix". +* `urls=` - (Optional) A comma separated list of resource paths. For example, /home and /admin/index.html are resource paths, while http://www.example.com/home is not. Each URL should be encoded separately using percent encoding as specified by RFC 3986 (http://tools.ietf.org/html/rfc3986#section-2.1). An empty URL list will remove all URLs. urls="/someurl1,/path/to/my/resource/2.html,/some/url/3". * `user_agents` - (Optional) A comma separated list of encoded user agents. * `parameters` - (Optional) A comma separated list of encoded parameters.