line |
stmt |
bran |
cond |
sub |
pod |
time |
code |
1
|
|
|
|
|
|
|
package Paws::WAF::ByteMatchTuple; |
2
|
1
|
|
|
1
|
|
450
|
use Moose; |
|
1
|
|
|
|
|
3
|
|
|
1
|
|
|
|
|
8
|
|
3
|
|
|
|
|
|
|
has FieldToMatch => (is => 'ro', isa => 'Paws::WAF::FieldToMatch', required => 1); |
4
|
|
|
|
|
|
|
has PositionalConstraint => (is => 'ro', isa => 'Str', required => 1); |
5
|
|
|
|
|
|
|
has TargetString => (is => 'ro', isa => 'Str', required => 1); |
6
|
|
|
|
|
|
|
has TextTransformation => (is => 'ro', isa => 'Str', required => 1); |
7
|
|
|
|
|
|
|
1; |
8
|
|
|
|
|
|
|
|
9
|
|
|
|
|
|
|
### main pod documentation begin ### |
10
|
|
|
|
|
|
|
|
11
|
|
|
|
|
|
|
=head1 NAME |
12
|
|
|
|
|
|
|
|
13
|
|
|
|
|
|
|
Paws::WAF::ByteMatchTuple |
14
|
|
|
|
|
|
|
|
15
|
|
|
|
|
|
|
=head1 USAGE |
16
|
|
|
|
|
|
|
|
17
|
|
|
|
|
|
|
This class represents one of two things: |
18
|
|
|
|
|
|
|
|
19
|
|
|
|
|
|
|
=head3 Arguments in a call to a service |
20
|
|
|
|
|
|
|
|
21
|
|
|
|
|
|
|
Use the attributes of this class as arguments to methods. You shouldn't make instances of this class. |
22
|
|
|
|
|
|
|
Each attribute should be used as a named argument in the calls that expect this type of object. |
23
|
|
|
|
|
|
|
|
24
|
|
|
|
|
|
|
As an example, if Att1 is expected to be a Paws::WAF::ByteMatchTuple object: |
25
|
|
|
|
|
|
|
|
26
|
|
|
|
|
|
|
$service_obj->Method(Att1 => { FieldToMatch => $value, ..., TextTransformation => $value }); |
27
|
|
|
|
|
|
|
|
28
|
|
|
|
|
|
|
=head3 Results returned from an API call |
29
|
|
|
|
|
|
|
|
30
|
|
|
|
|
|
|
Use accessors for each attribute. If Att1 is expected to be an Paws::WAF::ByteMatchTuple object: |
31
|
|
|
|
|
|
|
|
32
|
|
|
|
|
|
|
$result = $service_obj->Method(...); |
33
|
|
|
|
|
|
|
$result->Att1->FieldToMatch |
34
|
|
|
|
|
|
|
|
35
|
|
|
|
|
|
|
=head1 DESCRIPTION |
36
|
|
|
|
|
|
|
|
37
|
|
|
|
|
|
|
The bytes (typically a string that corresponds with ASCII characters) |
38
|
|
|
|
|
|
|
that you want AWS WAF to search for in web requests, the location in |
39
|
|
|
|
|
|
|
requests that you want AWS WAF to search, and other settings. |
40
|
|
|
|
|
|
|
|
41
|
|
|
|
|
|
|
=head1 ATTRIBUTES |
42
|
|
|
|
|
|
|
|
43
|
|
|
|
|
|
|
|
44
|
|
|
|
|
|
|
=head2 B<REQUIRED> FieldToMatch => L<Paws::WAF::FieldToMatch> |
45
|
|
|
|
|
|
|
|
46
|
|
|
|
|
|
|
The part of a web request that you want AWS WAF to search, such as a |
47
|
|
|
|
|
|
|
specified header or a query string. For more information, see |
48
|
|
|
|
|
|
|
FieldToMatch. |
49
|
|
|
|
|
|
|
|
50
|
|
|
|
|
|
|
|
51
|
|
|
|
|
|
|
=head2 B<REQUIRED> PositionalConstraint => Str |
52
|
|
|
|
|
|
|
|
53
|
|
|
|
|
|
|
Within the portion of a web request that you want to search (for |
54
|
|
|
|
|
|
|
example, in the query string, if any), specify where you want AWS WAF |
55
|
|
|
|
|
|
|
to search. Valid values include the following: |
56
|
|
|
|
|
|
|
|
57
|
|
|
|
|
|
|
B<CONTAINS> |
58
|
|
|
|
|
|
|
|
59
|
|
|
|
|
|
|
The specified part of the web request must include the value of |
60
|
|
|
|
|
|
|
C<TargetString>, but the location doesn't matter. |
61
|
|
|
|
|
|
|
|
62
|
|
|
|
|
|
|
B<CONTAINS_WORD> |
63
|
|
|
|
|
|
|
|
64
|
|
|
|
|
|
|
The specified part of the web request must include the value of |
65
|
|
|
|
|
|
|
C<TargetString>, and C<TargetString> must contain only alphanumeric |
66
|
|
|
|
|
|
|
characters or underscore (A-Z, a-z, 0-9, or _). In addition, |
67
|
|
|
|
|
|
|
C<TargetString> must be a word, which means one of the following: |
68
|
|
|
|
|
|
|
|
69
|
|
|
|
|
|
|
=over |
70
|
|
|
|
|
|
|
|
71
|
|
|
|
|
|
|
=item * |
72
|
|
|
|
|
|
|
|
73
|
|
|
|
|
|
|
C<TargetString> exactly matches the value of the specified part of the |
74
|
|
|
|
|
|
|
web request, such as the value of a header. |
75
|
|
|
|
|
|
|
|
76
|
|
|
|
|
|
|
=item * |
77
|
|
|
|
|
|
|
|
78
|
|
|
|
|
|
|
C<TargetString> is at the beginning of the specified part of the web |
79
|
|
|
|
|
|
|
request and is followed by a character other than an alphanumeric |
80
|
|
|
|
|
|
|
character or underscore (_), for example, C<BadBot;>. |
81
|
|
|
|
|
|
|
|
82
|
|
|
|
|
|
|
=item * |
83
|
|
|
|
|
|
|
|
84
|
|
|
|
|
|
|
C<TargetString> is at the end of the specified part of the web request |
85
|
|
|
|
|
|
|
and is preceded by a character other than an alphanumeric character or |
86
|
|
|
|
|
|
|
underscore (_), for example, C<;BadBot>. |
87
|
|
|
|
|
|
|
|
88
|
|
|
|
|
|
|
=item * |
89
|
|
|
|
|
|
|
|
90
|
|
|
|
|
|
|
C<TargetString> is in the middle of the specified part of the web |
91
|
|
|
|
|
|
|
request and is preceded and followed by characters other than |
92
|
|
|
|
|
|
|
alphanumeric characters or underscore (_), for example, C<-BadBot;>. |
93
|
|
|
|
|
|
|
|
94
|
|
|
|
|
|
|
=back |
95
|
|
|
|
|
|
|
|
96
|
|
|
|
|
|
|
B<EXACTLY> |
97
|
|
|
|
|
|
|
|
98
|
|
|
|
|
|
|
The value of the specified part of the web request must exactly match |
99
|
|
|
|
|
|
|
the value of C<TargetString>. |
100
|
|
|
|
|
|
|
|
101
|
|
|
|
|
|
|
B<STARTS_WITH> |
102
|
|
|
|
|
|
|
|
103
|
|
|
|
|
|
|
The value of C<TargetString> must appear at the beginning of the |
104
|
|
|
|
|
|
|
specified part of the web request. |
105
|
|
|
|
|
|
|
|
106
|
|
|
|
|
|
|
B<ENDS_WITH> |
107
|
|
|
|
|
|
|
|
108
|
|
|
|
|
|
|
The value of C<TargetString> must appear at the end of the specified |
109
|
|
|
|
|
|
|
part of the web request. |
110
|
|
|
|
|
|
|
|
111
|
|
|
|
|
|
|
|
112
|
|
|
|
|
|
|
=head2 B<REQUIRED> TargetString => Str |
113
|
|
|
|
|
|
|
|
114
|
|
|
|
|
|
|
The value that you want AWS WAF to search for. AWS WAF searches for the |
115
|
|
|
|
|
|
|
specified string in the part of web requests that you specified in |
116
|
|
|
|
|
|
|
C<FieldToMatch>. The maximum length of the value is 50 bytes. |
117
|
|
|
|
|
|
|
|
118
|
|
|
|
|
|
|
Valid values depend on the values that you specified for |
119
|
|
|
|
|
|
|
C<FieldToMatch>: |
120
|
|
|
|
|
|
|
|
121
|
|
|
|
|
|
|
=over |
122
|
|
|
|
|
|
|
|
123
|
|
|
|
|
|
|
=item * |
124
|
|
|
|
|
|
|
|
125
|
|
|
|
|
|
|
C<HEADER>: The value that you want AWS WAF to search for in the request |
126
|
|
|
|
|
|
|
header that you specified in FieldToMatch, for example, the value of |
127
|
|
|
|
|
|
|
the C<User-Agent> or C<Referer> header. |
128
|
|
|
|
|
|
|
|
129
|
|
|
|
|
|
|
=item * |
130
|
|
|
|
|
|
|
|
131
|
|
|
|
|
|
|
C<METHOD>: The HTTP method, which indicates the type of operation |
132
|
|
|
|
|
|
|
specified in the request. CloudFront supports the following methods: |
133
|
|
|
|
|
|
|
C<DELETE>, C<GET>, C<HEAD>, C<OPTIONS>, C<PATCH>, C<POST>, and C<PUT>. |
134
|
|
|
|
|
|
|
|
135
|
|
|
|
|
|
|
=item * |
136
|
|
|
|
|
|
|
|
137
|
|
|
|
|
|
|
C<QUERY_STRING>: The value that you want AWS WAF to search for in the |
138
|
|
|
|
|
|
|
query string, which is the part of a URL that appears after a C<?> |
139
|
|
|
|
|
|
|
character. |
140
|
|
|
|
|
|
|
|
141
|
|
|
|
|
|
|
=item * |
142
|
|
|
|
|
|
|
|
143
|
|
|
|
|
|
|
C<URI>: The value that you want AWS WAF to search for in the part of a |
144
|
|
|
|
|
|
|
URL that identifies a resource, for example, C</images/daily-ad.jpg>. |
145
|
|
|
|
|
|
|
|
146
|
|
|
|
|
|
|
=item * |
147
|
|
|
|
|
|
|
|
148
|
|
|
|
|
|
|
C<BODY>: The part of a request that contains any additional data that |
149
|
|
|
|
|
|
|
you want to send to your web server as the HTTP request body, such as |
150
|
|
|
|
|
|
|
data from a form. The request body immediately follows the request |
151
|
|
|
|
|
|
|
headers. Note that only the first C<8192> bytes of the request body are |
152
|
|
|
|
|
|
|
forwarded to AWS WAF for inspection. To allow or block requests based |
153
|
|
|
|
|
|
|
on the length of the body, you can create a size constraint set. For |
154
|
|
|
|
|
|
|
more information, see CreateSizeConstraintSet. |
155
|
|
|
|
|
|
|
|
156
|
|
|
|
|
|
|
=back |
157
|
|
|
|
|
|
|
|
158
|
|
|
|
|
|
|
If C<TargetString> includes alphabetic characters A-Z and a-z, note |
159
|
|
|
|
|
|
|
that the value is case sensitive. |
160
|
|
|
|
|
|
|
|
161
|
|
|
|
|
|
|
B<If you're using the AWS WAF API> |
162
|
|
|
|
|
|
|
|
163
|
|
|
|
|
|
|
Specify a base64-encoded version of the value. The maximum length of |
164
|
|
|
|
|
|
|
the value before you base64-encode it is 50 bytes. |
165
|
|
|
|
|
|
|
|
166
|
|
|
|
|
|
|
For example, suppose the value of C<Type> is C<HEADER> and the value of |
167
|
|
|
|
|
|
|
C<Data> is C<User-Agent>. If you want to search the C<User-Agent> |
168
|
|
|
|
|
|
|
header for the value C<BadBot>, you base64-encode C<BadBot> using MIME |
169
|
|
|
|
|
|
|
base64 encoding and include the resulting value, C<QmFkQm90>, in the |
170
|
|
|
|
|
|
|
value of C<TargetString>. |
171
|
|
|
|
|
|
|
|
172
|
|
|
|
|
|
|
B<If you're using the AWS CLI or one of the AWS SDKs> |
173
|
|
|
|
|
|
|
|
174
|
|
|
|
|
|
|
The value that you want AWS WAF to search for. The SDK automatically |
175
|
|
|
|
|
|
|
base64 encodes the value. |
176
|
|
|
|
|
|
|
|
177
|
|
|
|
|
|
|
|
178
|
|
|
|
|
|
|
=head2 B<REQUIRED> TextTransformation => Str |
179
|
|
|
|
|
|
|
|
180
|
|
|
|
|
|
|
Text transformations eliminate some of the unusual formatting that |
181
|
|
|
|
|
|
|
attackers use in web requests in an effort to bypass AWS WAF. If you |
182
|
|
|
|
|
|
|
specify a transformation, AWS WAF performs the transformation on |
183
|
|
|
|
|
|
|
C<TargetString> before inspecting a request for a match. |
184
|
|
|
|
|
|
|
|
185
|
|
|
|
|
|
|
B<CMD_LINE> |
186
|
|
|
|
|
|
|
|
187
|
|
|
|
|
|
|
When you're concerned that attackers are injecting an operating system |
188
|
|
|
|
|
|
|
commandline command and using unusual formatting to disguise some or |
189
|
|
|
|
|
|
|
all of the command, use this option to perform the following |
190
|
|
|
|
|
|
|
transformations: |
191
|
|
|
|
|
|
|
|
192
|
|
|
|
|
|
|
=over |
193
|
|
|
|
|
|
|
|
194
|
|
|
|
|
|
|
=item * |
195
|
|
|
|
|
|
|
|
196
|
|
|
|
|
|
|
Delete the following characters: \ " ' ^ |
197
|
|
|
|
|
|
|
|
198
|
|
|
|
|
|
|
=item * |
199
|
|
|
|
|
|
|
|
200
|
|
|
|
|
|
|
Delete spaces before the following characters: / ( |
201
|
|
|
|
|
|
|
|
202
|
|
|
|
|
|
|
=item * |
203
|
|
|
|
|
|
|
|
204
|
|
|
|
|
|
|
Replace the following characters with a space: , ; |
205
|
|
|
|
|
|
|
|
206
|
|
|
|
|
|
|
=item * |
207
|
|
|
|
|
|
|
|
208
|
|
|
|
|
|
|
Replace multiple spaces with one space |
209
|
|
|
|
|
|
|
|
210
|
|
|
|
|
|
|
=item * |
211
|
|
|
|
|
|
|
|
212
|
|
|
|
|
|
|
Convert uppercase letters (A-Z) to lowercase (a-z) |
213
|
|
|
|
|
|
|
|
214
|
|
|
|
|
|
|
=back |
215
|
|
|
|
|
|
|
|
216
|
|
|
|
|
|
|
B<COMPRESS_WHITE_SPACE> |
217
|
|
|
|
|
|
|
|
218
|
|
|
|
|
|
|
Use this option to replace the following characters with a space |
219
|
|
|
|
|
|
|
character (decimal 32): |
220
|
|
|
|
|
|
|
|
221
|
|
|
|
|
|
|
=over |
222
|
|
|
|
|
|
|
|
223
|
|
|
|
|
|
|
=item * |
224
|
|
|
|
|
|
|
|
225
|
|
|
|
|
|
|
\f, formfeed, decimal 12 |
226
|
|
|
|
|
|
|
|
227
|
|
|
|
|
|
|
=item * |
228
|
|
|
|
|
|
|
|
229
|
|
|
|
|
|
|
\t, tab, decimal 9 |
230
|
|
|
|
|
|
|
|
231
|
|
|
|
|
|
|
=item * |
232
|
|
|
|
|
|
|
|
233
|
|
|
|
|
|
|
\n, newline, decimal 10 |
234
|
|
|
|
|
|
|
|
235
|
|
|
|
|
|
|
=item * |
236
|
|
|
|
|
|
|
|
237
|
|
|
|
|
|
|
\r, carriage return, decimal 13 |
238
|
|
|
|
|
|
|
|
239
|
|
|
|
|
|
|
=item * |
240
|
|
|
|
|
|
|
|
241
|
|
|
|
|
|
|
\v, vertical tab, decimal 11 |
242
|
|
|
|
|
|
|
|
243
|
|
|
|
|
|
|
=item * |
244
|
|
|
|
|
|
|
|
245
|
|
|
|
|
|
|
non-breaking space, decimal 160 |
246
|
|
|
|
|
|
|
|
247
|
|
|
|
|
|
|
=back |
248
|
|
|
|
|
|
|
|
249
|
|
|
|
|
|
|
C<COMPRESS_WHITE_SPACE> also replaces multiple spaces with one space. |
250
|
|
|
|
|
|
|
|
251
|
|
|
|
|
|
|
B<HTML_ENTITY_DECODE> |
252
|
|
|
|
|
|
|
|
253
|
|
|
|
|
|
|
Use this option to replace HTML-encoded characters with unencoded |
254
|
|
|
|
|
|
|
characters. C<HTML_ENTITY_DECODE> performs the following operations: |
255
|
|
|
|
|
|
|
|
256
|
|
|
|
|
|
|
=over |
257
|
|
|
|
|
|
|
|
258
|
|
|
|
|
|
|
=item * |
259
|
|
|
|
|
|
|
|
260
|
|
|
|
|
|
|
Replaces C<(ampersand)quot;> with C<"> |
261
|
|
|
|
|
|
|
|
262
|
|
|
|
|
|
|
=item * |
263
|
|
|
|
|
|
|
|
264
|
|
|
|
|
|
|
Replaces C<(ampersand)nbsp;> with a non-breaking space, decimal 160 |
265
|
|
|
|
|
|
|
|
266
|
|
|
|
|
|
|
=item * |
267
|
|
|
|
|
|
|
|
268
|
|
|
|
|
|
|
Replaces C<(ampersand)lt;> with a "less than" symbol |
269
|
|
|
|
|
|
|
|
270
|
|
|
|
|
|
|
=item * |
271
|
|
|
|
|
|
|
|
272
|
|
|
|
|
|
|
Replaces C<(ampersand)gt;> with C<E<gt>> |
273
|
|
|
|
|
|
|
|
274
|
|
|
|
|
|
|
=item * |
275
|
|
|
|
|
|
|
|
276
|
|
|
|
|
|
|
Replaces characters that are represented in hexadecimal format, |
277
|
|
|
|
|
|
|
C<(ampersand)(hash)xhhhh;>, with the corresponding characters |
278
|
|
|
|
|
|
|
|
279
|
|
|
|
|
|
|
=item * |
280
|
|
|
|
|
|
|
|
281
|
|
|
|
|
|
|
Replaces characters that are represented in decimal format, |
282
|
|
|
|
|
|
|
C<(ampersand)(hash)nnnn;>, with the corresponding characters |
283
|
|
|
|
|
|
|
|
284
|
|
|
|
|
|
|
=back |
285
|
|
|
|
|
|
|
|
286
|
|
|
|
|
|
|
B<LOWERCASE> |
287
|
|
|
|
|
|
|
|
288
|
|
|
|
|
|
|
Use this option to convert uppercase letters (A-Z) to lowercase (a-z). |
289
|
|
|
|
|
|
|
|
290
|
|
|
|
|
|
|
B<URL_DECODE> |
291
|
|
|
|
|
|
|
|
292
|
|
|
|
|
|
|
Use this option to decode a URL-encoded value. |
293
|
|
|
|
|
|
|
|
294
|
|
|
|
|
|
|
B<NONE> |
295
|
|
|
|
|
|
|
|
296
|
|
|
|
|
|
|
Specify C<NONE> if you don't want to perform any text transformations. |
297
|
|
|
|
|
|
|
|
298
|
|
|
|
|
|
|
|
299
|
|
|
|
|
|
|
|
300
|
|
|
|
|
|
|
=head1 SEE ALSO |
301
|
|
|
|
|
|
|
|
302
|
|
|
|
|
|
|
This class forms part of L<Paws>, describing an object used in L<Paws::WAF> |
303
|
|
|
|
|
|
|
|
304
|
|
|
|
|
|
|
=head1 BUGS and CONTRIBUTIONS |
305
|
|
|
|
|
|
|
|
306
|
|
|
|
|
|
|
The source code is located here: https://github.com/pplu/aws-sdk-perl |
307
|
|
|
|
|
|
|
|
308
|
|
|
|
|
|
|
Please report bugs to: https://github.com/pplu/aws-sdk-perl/issues |
309
|
|
|
|
|
|
|
|
310
|
|
|
|
|
|
|
=cut |
311
|
|
|
|
|
|
|
|