com.amazonaws.services.waf.model.XssMatchTuple Maven / Gradle / Ivy
Show all versions of aws-java-sdk-waf Show documentation
/*
* Copyright 2016-2021 Amazon.com, Inc. or its affiliates. All Rights Reserved.
*
* Licensed under the Apache License, Version 2.0 (the "License"). You may not use this file except in compliance with
* the License. A copy of the License is located at
*
* http://aws.amazon.com/apache2.0
*
* or in the "license" file accompanying this file. This file is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR
* CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions
* and limitations under the License.
*/
package com.amazonaws.services.waf.model;
import java.io.Serializable;
import javax.annotation.Generated;
import com.amazonaws.protocol.StructuredPojo;
import com.amazonaws.protocol.ProtocolMarshaller;
/**
*
*
* This is AWS WAF Classic documentation. For more information, see AWS WAF Classic in the
* developer guide.
*
*
* For the latest version of AWS WAF, use the AWS WAFV2 API and see the AWS WAF Developer Guide. With the
* latest version, AWS WAF has a single set of endpoints for regional and global use.
*
*
*
* Specifies the part of a web request that you want AWS WAF to inspect for cross-site scripting attacks and, if you
* want AWS WAF to inspect a header, the name of the header.
*
*
* @see AWS API
* Documentation
*/
@Generated("com.amazonaws:aws-java-sdk-code-generator")
public class XssMatchTuple implements Serializable, Cloneable, StructuredPojo {
/**
*
* Specifies where in a web request to look for cross-site scripting attacks.
*
*/
private FieldToMatch fieldToMatch;
/**
*
* Text transformations eliminate some of the unusual formatting that attackers use in web requests in an effort to
* bypass AWS WAF. If you specify a transformation, AWS WAF performs the transformation on FieldToMatch
* before inspecting it for a match.
*
*
* You can only specify a single type of TextTransformation.
*
*
* CMD_LINE
*
*
* When you're concerned that attackers are injecting an operating system command line command and using unusual
* formatting to disguise some or all of the command, use this option to perform the following transformations:
*
*
* -
*
* Delete the following characters: \ " ' ^
*
*
* -
*
* Delete spaces before the following characters: / (
*
*
* -
*
* Replace the following characters with a space: , ;
*
*
* -
*
* Replace multiple spaces with one space
*
*
* -
*
* Convert uppercase letters (A-Z) to lowercase (a-z)
*
*
*
*
* COMPRESS_WHITE_SPACE
*
*
* Use this option to replace the following characters with a space character (decimal 32):
*
*
* -
*
* \f, formfeed, decimal 12
*
*
* -
*
* \t, tab, decimal 9
*
*
* -
*
* \n, newline, decimal 10
*
*
* -
*
* \r, carriage return, decimal 13
*
*
* -
*
* \v, vertical tab, decimal 11
*
*
* -
*
* non-breaking space, decimal 160
*
*
*
*
* COMPRESS_WHITE_SPACE also replaces multiple spaces with one space.
*
*
* HTML_ENTITY_DECODE
*
*
* Use this option to replace HTML-encoded characters with unencoded characters. HTML_ENTITY_DECODE
* performs the following operations:
*
*
* -
*
* Replaces (ampersand)quot; with "
*
*
* -
*
* Replaces (ampersand)nbsp; with a non-breaking space, decimal 160
*
*
* -
*
* Replaces (ampersand)lt; with a "less than" symbol
*
*
* -
*
* Replaces (ampersand)gt; with >
*
*
* -
*
* Replaces characters that are represented in hexadecimal format, (ampersand)#xhhhh;, with the
* corresponding characters
*
*
* -
*
* Replaces characters that are represented in decimal format, (ampersand)#nnnn;, with the
* corresponding characters
*
*
*
*
* LOWERCASE
*
*
* Use this option to convert uppercase letters (A-Z) to lowercase (a-z).
*
*
* URL_DECODE
*
*
* Use this option to decode a URL-encoded value.
*
*
* NONE
*
*
* Specify NONE if you don't want to perform any text transformations.
*
*/
private String textTransformation;
/**
*
* Specifies where in a web request to look for cross-site scripting attacks.
*
*
* @param fieldToMatch
* Specifies where in a web request to look for cross-site scripting attacks.
*/
public void setFieldToMatch(FieldToMatch fieldToMatch) {
this.fieldToMatch = fieldToMatch;
}
/**
*
* Specifies where in a web request to look for cross-site scripting attacks.
*
*
* @return Specifies where in a web request to look for cross-site scripting attacks.
*/
public FieldToMatch getFieldToMatch() {
return this.fieldToMatch;
}
/**
*
* Specifies where in a web request to look for cross-site scripting attacks.
*
*
* @param fieldToMatch
* Specifies where in a web request to look for cross-site scripting attacks.
* @return Returns a reference to this object so that method calls can be chained together.
*/
public XssMatchTuple withFieldToMatch(FieldToMatch fieldToMatch) {
setFieldToMatch(fieldToMatch);
return this;
}
/**
*
* Text transformations eliminate some of the unusual formatting that attackers use in web requests in an effort to
* bypass AWS WAF. If you specify a transformation, AWS WAF performs the transformation on FieldToMatch
* before inspecting it for a match.
*
*
* You can only specify a single type of TextTransformation.
*
*
* CMD_LINE
*
*
* When you're concerned that attackers are injecting an operating system command line command and using unusual
* formatting to disguise some or all of the command, use this option to perform the following transformations:
*
*
* -
*
* Delete the following characters: \ " ' ^
*
*
* -
*
* Delete spaces before the following characters: / (
*
*
* -
*
* Replace the following characters with a space: , ;
*
*
* -
*
* Replace multiple spaces with one space
*
*
* -
*
* Convert uppercase letters (A-Z) to lowercase (a-z)
*
*
*
*
* COMPRESS_WHITE_SPACE
*
*
* Use this option to replace the following characters with a space character (decimal 32):
*
*
* -
*
* \f, formfeed, decimal 12
*
*
* -
*
* \t, tab, decimal 9
*
*
* -
*
* \n, newline, decimal 10
*
*
* -
*
* \r, carriage return, decimal 13
*
*
* -
*
* \v, vertical tab, decimal 11
*
*
* -
*
* non-breaking space, decimal 160
*
*
*
*
* COMPRESS_WHITE_SPACE also replaces multiple spaces with one space.
*
*
* HTML_ENTITY_DECODE
*
*
* Use this option to replace HTML-encoded characters with unencoded characters. HTML_ENTITY_DECODE
* performs the following operations:
*
*
* -
*
* Replaces (ampersand)quot; with "
*
*
* -
*
* Replaces (ampersand)nbsp; with a non-breaking space, decimal 160
*
*
* -
*
* Replaces (ampersand)lt; with a "less than" symbol
*
*
* -
*
* Replaces (ampersand)gt; with >
*
*
* -
*
* Replaces characters that are represented in hexadecimal format, (ampersand)#xhhhh;, with the
* corresponding characters
*
*
* -
*
* Replaces characters that are represented in decimal format, (ampersand)#nnnn;, with the
* corresponding characters
*
*
*
*
* LOWERCASE
*
*
* Use this option to convert uppercase letters (A-Z) to lowercase (a-z).
*
*
* URL_DECODE
*
*
* Use this option to decode a URL-encoded value.
*
*
* NONE
*
*
* Specify NONE if you don't want to perform any text transformations.
*
*
* @param textTransformation
* Text transformations eliminate some of the unusual formatting that attackers use in web requests in an
* effort to bypass AWS WAF. If you specify a transformation, AWS WAF performs the transformation on
* FieldToMatch before inspecting it for a match.
*
* You can only specify a single type of TextTransformation.
*
*
* CMD_LINE
*
*
* When you're concerned that attackers are injecting an operating system command line command and using
* unusual formatting to disguise some or all of the command, use this option to perform the following
* transformations:
*
*
* -
*
* Delete the following characters: \ " ' ^
*
*
* -
*
* Delete spaces before the following characters: / (
*
*
* -
*
* Replace the following characters with a space: , ;
*
*
* -
*
* Replace multiple spaces with one space
*
*
* -
*
* Convert uppercase letters (A-Z) to lowercase (a-z)
*
*
*
*
* COMPRESS_WHITE_SPACE
*
*
* Use this option to replace the following characters with a space character (decimal 32):
*
*
* -
*
* \f, formfeed, decimal 12
*
*
* -
*
* \t, tab, decimal 9
*
*
* -
*
* \n, newline, decimal 10
*
*
* -
*
* \r, carriage return, decimal 13
*
*
* -
*
* \v, vertical tab, decimal 11
*
*
* -
*
* non-breaking space, decimal 160
*
*
*
*
* COMPRESS_WHITE_SPACE also replaces multiple spaces with one space.
*
*
* HTML_ENTITY_DECODE
*
*
* Use this option to replace HTML-encoded characters with unencoded characters.
* HTML_ENTITY_DECODE performs the following operations:
*
*
* -
*
* Replaces (ampersand)quot; with "
*
*
* -
*
* Replaces (ampersand)nbsp; with a non-breaking space, decimal 160
*
*
* -
*
* Replaces (ampersand)lt; with a "less than" symbol
*
*
* -
*
* Replaces (ampersand)gt; with >
*
*
* -
*
* Replaces characters that are represented in hexadecimal format, (ampersand)#xhhhh;, with the
* corresponding characters
*
*
* -
*
* Replaces characters that are represented in decimal format, (ampersand)#nnnn;, with the
* corresponding characters
*
*
*
*
* LOWERCASE
*
*
* Use this option to convert uppercase letters (A-Z) to lowercase (a-z).
*
*
* URL_DECODE
*
*
* Use this option to decode a URL-encoded value.
*
*
* NONE
*
*
* Specify NONE if you don't want to perform any text transformations.
* @see TextTransformation
*/
public void setTextTransformation(String textTransformation) {
this.textTransformation = textTransformation;
}
/**
*
* Text transformations eliminate some of the unusual formatting that attackers use in web requests in an effort to
* bypass AWS WAF. If you specify a transformation, AWS WAF performs the transformation on FieldToMatch
* before inspecting it for a match.
*
*
* You can only specify a single type of TextTransformation.
*
*
* CMD_LINE
*
*
* When you're concerned that attackers are injecting an operating system command line command and using unusual
* formatting to disguise some or all of the command, use this option to perform the following transformations:
*
*
* -
*
* Delete the following characters: \ " ' ^
*
*
* -
*
* Delete spaces before the following characters: / (
*
*
* -
*
* Replace the following characters with a space: , ;
*
*
* -
*
* Replace multiple spaces with one space
*
*
* -
*
* Convert uppercase letters (A-Z) to lowercase (a-z)
*
*
*
*
* COMPRESS_WHITE_SPACE
*
*
* Use this option to replace the following characters with a space character (decimal 32):
*
*
* -
*
* \f, formfeed, decimal 12
*
*
* -
*
* \t, tab, decimal 9
*
*
* -
*
* \n, newline, decimal 10
*
*
* -
*
* \r, carriage return, decimal 13
*
*
* -
*
* \v, vertical tab, decimal 11
*
*
* -
*
* non-breaking space, decimal 160
*
*
*
*
* COMPRESS_WHITE_SPACE also replaces multiple spaces with one space.
*
*
* HTML_ENTITY_DECODE
*
*
* Use this option to replace HTML-encoded characters with unencoded characters. HTML_ENTITY_DECODE
* performs the following operations:
*
*
* -
*
* Replaces (ampersand)quot; with "
*
*
* -
*
* Replaces (ampersand)nbsp; with a non-breaking space, decimal 160
*
*
* -
*
* Replaces (ampersand)lt; with a "less than" symbol
*
*
* -
*
* Replaces (ampersand)gt; with >
*
*
* -
*
* Replaces characters that are represented in hexadecimal format, (ampersand)#xhhhh;, with the
* corresponding characters
*
*
* -
*
* Replaces characters that are represented in decimal format, (ampersand)#nnnn;, with the
* corresponding characters
*
*
*
*
* LOWERCASE
*
*
* Use this option to convert uppercase letters (A-Z) to lowercase (a-z).
*
*
* URL_DECODE
*
*
* Use this option to decode a URL-encoded value.
*
*
* NONE
*
*
* Specify NONE if you don't want to perform any text transformations.
*
*
* @return Text transformations eliminate some of the unusual formatting that attackers use in web requests in an
* effort to bypass AWS WAF. If you specify a transformation, AWS WAF performs the transformation on
* FieldToMatch before inspecting it for a match.
*
* You can only specify a single type of TextTransformation.
*
*
* CMD_LINE
*
*
* When you're concerned that attackers are injecting an operating system command line command and using
* unusual formatting to disguise some or all of the command, use this option to perform the following
* transformations:
*
*
* -
*
* Delete the following characters: \ " ' ^
*
*
* -
*
* Delete spaces before the following characters: / (
*
*
* -
*
* Replace the following characters with a space: , ;
*
*
* -
*
* Replace multiple spaces with one space
*
*
* -
*
* Convert uppercase letters (A-Z) to lowercase (a-z)
*
*
*
*
* COMPRESS_WHITE_SPACE
*
*
* Use this option to replace the following characters with a space character (decimal 32):
*
*
* -
*
* \f, formfeed, decimal 12
*
*
* -
*
* \t, tab, decimal 9
*
*
* -
*
* \n, newline, decimal 10
*
*
* -
*
* \r, carriage return, decimal 13
*
*
* -
*
* \v, vertical tab, decimal 11
*
*
* -
*
* non-breaking space, decimal 160
*
*
*
*
* COMPRESS_WHITE_SPACE also replaces multiple spaces with one space.
*
*
* HTML_ENTITY_DECODE
*
*
* Use this option to replace HTML-encoded characters with unencoded characters.
* HTML_ENTITY_DECODE performs the following operations:
*
*
* -
*
* Replaces (ampersand)quot; with "
*
*
* -
*
* Replaces (ampersand)nbsp; with a non-breaking space, decimal 160
*
*
* -
*
* Replaces (ampersand)lt; with a "less than" symbol
*
*
* -
*
* Replaces (ampersand)gt; with >
*
*
* -
*
* Replaces characters that are represented in hexadecimal format, (ampersand)#xhhhh;, with the
* corresponding characters
*
*
* -
*
* Replaces characters that are represented in decimal format, (ampersand)#nnnn;, with the
* corresponding characters
*
*
*
*
* LOWERCASE
*
*
* Use this option to convert uppercase letters (A-Z) to lowercase (a-z).
*
*
* URL_DECODE
*
*
* Use this option to decode a URL-encoded value.
*
*
* NONE
*
*
* Specify NONE if you don't want to perform any text transformations.
* @see TextTransformation
*/
public String getTextTransformation() {
return this.textTransformation;
}
/**
*
* Text transformations eliminate some of the unusual formatting that attackers use in web requests in an effort to
* bypass AWS WAF. If you specify a transformation, AWS WAF performs the transformation on FieldToMatch
* before inspecting it for a match.
*
*
* You can only specify a single type of TextTransformation.
*
*
* CMD_LINE
*
*
* When you're concerned that attackers are injecting an operating system command line command and using unusual
* formatting to disguise some or all of the command, use this option to perform the following transformations:
*
*
* -
*
* Delete the following characters: \ " ' ^
*
*
* -
*
* Delete spaces before the following characters: / (
*
*
* -
*
* Replace the following characters with a space: , ;
*
*
* -
*
* Replace multiple spaces with one space
*
*
* -
*
* Convert uppercase letters (A-Z) to lowercase (a-z)
*
*
*
*
* COMPRESS_WHITE_SPACE
*
*
* Use this option to replace the following characters with a space character (decimal 32):
*
*
* -
*
* \f, formfeed, decimal 12
*
*
* -
*
* \t, tab, decimal 9
*
*
* -
*
* \n, newline, decimal 10
*
*
* -
*
* \r, carriage return, decimal 13
*
*
* -
*
* \v, vertical tab, decimal 11
*
*
* -
*
* non-breaking space, decimal 160
*
*
*
*
* COMPRESS_WHITE_SPACE also replaces multiple spaces with one space.
*
*
* HTML_ENTITY_DECODE
*
*
* Use this option to replace HTML-encoded characters with unencoded characters. HTML_ENTITY_DECODE
* performs the following operations:
*
*
* -
*
* Replaces (ampersand)quot; with "
*
*
* -
*
* Replaces (ampersand)nbsp; with a non-breaking space, decimal 160
*
*
* -
*
* Replaces (ampersand)lt; with a "less than" symbol
*
*
* -
*
* Replaces (ampersand)gt; with >
*
*
* -
*
* Replaces characters that are represented in hexadecimal format, (ampersand)#xhhhh;, with the
* corresponding characters
*
*
* -
*
* Replaces characters that are represented in decimal format, (ampersand)#nnnn;, with the
* corresponding characters
*
*
*
*
* LOWERCASE
*
*
* Use this option to convert uppercase letters (A-Z) to lowercase (a-z).
*
*
* URL_DECODE
*
*
* Use this option to decode a URL-encoded value.
*
*
* NONE
*
*
* Specify NONE if you don't want to perform any text transformations.
*
*
* @param textTransformation
* Text transformations eliminate some of the unusual formatting that attackers use in web requests in an
* effort to bypass AWS WAF. If you specify a transformation, AWS WAF performs the transformation on
* FieldToMatch before inspecting it for a match.
*
* You can only specify a single type of TextTransformation.
*
*
* CMD_LINE
*
*
* When you're concerned that attackers are injecting an operating system command line command and using
* unusual formatting to disguise some or all of the command, use this option to perform the following
* transformations:
*
*
* -
*
* Delete the following characters: \ " ' ^
*
*
* -
*
* Delete spaces before the following characters: / (
*
*
* -
*
* Replace the following characters with a space: , ;
*
*
* -
*
* Replace multiple spaces with one space
*
*
* -
*
* Convert uppercase letters (A-Z) to lowercase (a-z)
*
*
*
*
* COMPRESS_WHITE_SPACE
*
*
* Use this option to replace the following characters with a space character (decimal 32):
*
*
* -
*
* \f, formfeed, decimal 12
*
*
* -
*
* \t, tab, decimal 9
*
*
* -
*
* \n, newline, decimal 10
*
*
* -
*
* \r, carriage return, decimal 13
*
*
* -
*
* \v, vertical tab, decimal 11
*
*
* -
*
* non-breaking space, decimal 160
*
*
*
*
* COMPRESS_WHITE_SPACE also replaces multiple spaces with one space.
*
*
* HTML_ENTITY_DECODE
*
*
* Use this option to replace HTML-encoded characters with unencoded characters.
* HTML_ENTITY_DECODE performs the following operations:
*
*
* -
*
* Replaces (ampersand)quot; with "
*
*
* -
*
* Replaces (ampersand)nbsp; with a non-breaking space, decimal 160
*
*
* -
*
* Replaces (ampersand)lt; with a "less than" symbol
*
*
* -
*
* Replaces (ampersand)gt; with >
*
*
* -
*
* Replaces characters that are represented in hexadecimal format, (ampersand)#xhhhh;, with the
* corresponding characters
*
*
* -
*
* Replaces characters that are represented in decimal format, (ampersand)#nnnn;, with the
* corresponding characters
*
*
*
*
* LOWERCASE
*
*
* Use this option to convert uppercase letters (A-Z) to lowercase (a-z).
*
*
* URL_DECODE
*
*
* Use this option to decode a URL-encoded value.
*
*
* NONE
*
*
* Specify NONE if you don't want to perform any text transformations.
* @return Returns a reference to this object so that method calls can be chained together.
* @see TextTransformation
*/
public XssMatchTuple withTextTransformation(String textTransformation) {
setTextTransformation(textTransformation);
return this;
}
/**
*
* Text transformations eliminate some of the unusual formatting that attackers use in web requests in an effort to
* bypass AWS WAF. If you specify a transformation, AWS WAF performs the transformation on FieldToMatch
* before inspecting it for a match.
*
*
* You can only specify a single type of TextTransformation.
*
*
* CMD_LINE
*
*
* When you're concerned that attackers are injecting an operating system command line command and using unusual
* formatting to disguise some or all of the command, use this option to perform the following transformations:
*
*
* -
*
* Delete the following characters: \ " ' ^
*
*
* -
*
* Delete spaces before the following characters: / (
*
*
* -
*
* Replace the following characters with a space: , ;
*
*
* -
*
* Replace multiple spaces with one space
*
*
* -
*
* Convert uppercase letters (A-Z) to lowercase (a-z)
*
*
*
*
* COMPRESS_WHITE_SPACE
*
*
* Use this option to replace the following characters with a space character (decimal 32):
*
*
* -
*
* \f, formfeed, decimal 12
*
*
* -
*
* \t, tab, decimal 9
*
*
* -
*
* \n, newline, decimal 10
*
*
* -
*
* \r, carriage return, decimal 13
*
*
* -
*
* \v, vertical tab, decimal 11
*
*
* -
*
* non-breaking space, decimal 160
*
*
*
*
* COMPRESS_WHITE_SPACE also replaces multiple spaces with one space.
*
*
* HTML_ENTITY_DECODE
*
*
* Use this option to replace HTML-encoded characters with unencoded characters. HTML_ENTITY_DECODE
* performs the following operations:
*
*
* -
*
* Replaces (ampersand)quot; with "
*
*
* -
*
* Replaces (ampersand)nbsp; with a non-breaking space, decimal 160
*
*
* -
*
* Replaces (ampersand)lt; with a "less than" symbol
*
*
* -
*
* Replaces (ampersand)gt; with >
*
*
* -
*
* Replaces characters that are represented in hexadecimal format, (ampersand)#xhhhh;, with the
* corresponding characters
*
*
* -
*
* Replaces characters that are represented in decimal format, (ampersand)#nnnn;, with the
* corresponding characters
*
*
*
*
* LOWERCASE
*
*
* Use this option to convert uppercase letters (A-Z) to lowercase (a-z).
*
*
* URL_DECODE
*
*
* Use this option to decode a URL-encoded value.
*
*
* NONE
*
*
* Specify NONE if you don't want to perform any text transformations.
*
*
* @param textTransformation
* Text transformations eliminate some of the unusual formatting that attackers use in web requests in an
* effort to bypass AWS WAF. If you specify a transformation, AWS WAF performs the transformation on
* FieldToMatch before inspecting it for a match.
*
* You can only specify a single type of TextTransformation.
*
*
* CMD_LINE
*
*
* When you're concerned that attackers are injecting an operating system command line command and using
* unusual formatting to disguise some or all of the command, use this option to perform the following
* transformations:
*
*
* -
*
* Delete the following characters: \ " ' ^
*
*
* -
*
* Delete spaces before the following characters: / (
*
*
* -
*
* Replace the following characters with a space: , ;
*
*
* -
*
* Replace multiple spaces with one space
*
*
* -
*
* Convert uppercase letters (A-Z) to lowercase (a-z)
*
*
*
*
* COMPRESS_WHITE_SPACE
*
*
* Use this option to replace the following characters with a space character (decimal 32):
*
*
* -
*
* \f, formfeed, decimal 12
*
*
* -
*
* \t, tab, decimal 9
*
*
* -
*
* \n, newline, decimal 10
*
*
* -
*
* \r, carriage return, decimal 13
*
*
* -
*
* \v, vertical tab, decimal 11
*
*
* -
*
* non-breaking space, decimal 160
*
*
*
*
* COMPRESS_WHITE_SPACE also replaces multiple spaces with one space.
*
*
* HTML_ENTITY_DECODE
*
*
* Use this option to replace HTML-encoded characters with unencoded characters.
* HTML_ENTITY_DECODE performs the following operations:
*
*
* -
*
* Replaces (ampersand)quot; with "
*
*
* -
*
* Replaces (ampersand)nbsp; with a non-breaking space, decimal 160
*
*
* -
*
* Replaces (ampersand)lt; with a "less than" symbol
*
*
* -
*
* Replaces (ampersand)gt; with >
*
*
* -
*
* Replaces characters that are represented in hexadecimal format, (ampersand)#xhhhh;, with the
* corresponding characters
*
*
* -
*
* Replaces characters that are represented in decimal format, (ampersand)#nnnn;, with the
* corresponding characters
*
*
*
*
* LOWERCASE
*
*
* Use this option to convert uppercase letters (A-Z) to lowercase (a-z).
*
*
* URL_DECODE
*
*
* Use this option to decode a URL-encoded value.
*
*
* NONE
*
*
* Specify NONE if you don't want to perform any text transformations.
* @see TextTransformation
*/
public void setTextTransformation(TextTransformation textTransformation) {
withTextTransformation(textTransformation);
}
/**
*
* Text transformations eliminate some of the unusual formatting that attackers use in web requests in an effort to
* bypass AWS WAF. If you specify a transformation, AWS WAF performs the transformation on FieldToMatch
* before inspecting it for a match.
*
*
* You can only specify a single type of TextTransformation.
*
*
* CMD_LINE
*
*
* When you're concerned that attackers are injecting an operating system command line command and using unusual
* formatting to disguise some or all of the command, use this option to perform the following transformations:
*
*
* -
*
* Delete the following characters: \ " ' ^
*
*
* -
*
* Delete spaces before the following characters: / (
*
*
* -
*
* Replace the following characters with a space: , ;
*
*
* -
*
* Replace multiple spaces with one space
*
*
* -
*
* Convert uppercase letters (A-Z) to lowercase (a-z)
*
*
*
*
* COMPRESS_WHITE_SPACE
*
*
* Use this option to replace the following characters with a space character (decimal 32):
*
*
* -
*
* \f, formfeed, decimal 12
*
*
* -
*
* \t, tab, decimal 9
*
*
* -
*
* \n, newline, decimal 10
*
*
* -
*
* \r, carriage return, decimal 13
*
*
* -
*
* \v, vertical tab, decimal 11
*
*
* -
*
* non-breaking space, decimal 160
*
*
*
*
* COMPRESS_WHITE_SPACE also replaces multiple spaces with one space.
*
*
* HTML_ENTITY_DECODE
*
*
* Use this option to replace HTML-encoded characters with unencoded characters. HTML_ENTITY_DECODE
* performs the following operations:
*
*
* -
*
* Replaces (ampersand)quot; with "
*
*
* -
*
* Replaces (ampersand)nbsp; with a non-breaking space, decimal 160
*
*
* -
*
* Replaces (ampersand)lt; with a "less than" symbol
*
*
* -
*
* Replaces (ampersand)gt; with >
*
*
* -
*
* Replaces characters that are represented in hexadecimal format, (ampersand)#xhhhh;, with the
* corresponding characters
*
*
* -
*
* Replaces characters that are represented in decimal format, (ampersand)#nnnn;, with the
* corresponding characters
*
*
*
*
* LOWERCASE
*
*
* Use this option to convert uppercase letters (A-Z) to lowercase (a-z).
*
*
* URL_DECODE
*
*
* Use this option to decode a URL-encoded value.
*
*
* NONE
*
*
* Specify NONE if you don't want to perform any text transformations.
*
*
* @param textTransformation
* Text transformations eliminate some of the unusual formatting that attackers use in web requests in an
* effort to bypass AWS WAF. If you specify a transformation, AWS WAF performs the transformation on
* FieldToMatch before inspecting it for a match.
*
* You can only specify a single type of TextTransformation.
*
*
* CMD_LINE
*
*
* When you're concerned that attackers are injecting an operating system command line command and using
* unusual formatting to disguise some or all of the command, use this option to perform the following
* transformations:
*
*
* -
*
* Delete the following characters: \ " ' ^
*
*
* -
*
* Delete spaces before the following characters: / (
*
*
* -
*
* Replace the following characters with a space: , ;
*
*
* -
*
* Replace multiple spaces with one space
*
*
* -
*
* Convert uppercase letters (A-Z) to lowercase (a-z)
*
*
*
*
* COMPRESS_WHITE_SPACE
*
*
* Use this option to replace the following characters with a space character (decimal 32):
*
*
* -
*
* \f, formfeed, decimal 12
*
*
* -
*
* \t, tab, decimal 9
*
*
* -
*
* \n, newline, decimal 10
*
*
* -
*
* \r, carriage return, decimal 13
*
*
* -
*
* \v, vertical tab, decimal 11
*
*
* -
*
* non-breaking space, decimal 160
*
*
*
*
* COMPRESS_WHITE_SPACE also replaces multiple spaces with one space.
*
*
* HTML_ENTITY_DECODE
*
*
* Use this option to replace HTML-encoded characters with unencoded characters.
* HTML_ENTITY_DECODE performs the following operations:
*
*
* -
*
* Replaces (ampersand)quot; with "
*
*
* -
*
* Replaces (ampersand)nbsp; with a non-breaking space, decimal 160
*
*
* -
*
* Replaces (ampersand)lt; with a "less than" symbol
*
*
* -
*
* Replaces (ampersand)gt; with >
*
*
* -
*
* Replaces characters that are represented in hexadecimal format, (ampersand)#xhhhh;, with the
* corresponding characters
*
*
* -
*
* Replaces characters that are represented in decimal format, (ampersand)#nnnn;, with the
* corresponding characters
*
*
*
*
* LOWERCASE
*
*
* Use this option to convert uppercase letters (A-Z) to lowercase (a-z).
*
*
* URL_DECODE
*
*
* Use this option to decode a URL-encoded value.
*
*
* NONE
*
*
* Specify NONE if you don't want to perform any text transformations.
* @return Returns a reference to this object so that method calls can be chained together.
* @see TextTransformation
*/
public XssMatchTuple withTextTransformation(TextTransformation textTransformation) {
this.textTransformation = textTransformation.toString();
return this;
}
/**
* Returns a string representation of this object. This is useful for testing and debugging. Sensitive data will be
* redacted from this string using a placeholder value.
*
* @return A string representation of this object.
*
* @see java.lang.Object#toString()
*/
@Override
public String toString() {
StringBuilder sb = new StringBuilder();
sb.append("{");
if (getFieldToMatch() != null)
sb.append("FieldToMatch: ").append(getFieldToMatch()).append(",");
if (getTextTransformation() != null)
sb.append("TextTransformation: ").append(getTextTransformation());
sb.append("}");
return sb.toString();
}
@Override
public boolean equals(Object obj) {
if (this == obj)
return true;
if (obj == null)
return false;
if (obj instanceof XssMatchTuple == false)
return false;
XssMatchTuple other = (XssMatchTuple) obj;
if (other.getFieldToMatch() == null ^ this.getFieldToMatch() == null)
return false;
if (other.getFieldToMatch() != null && other.getFieldToMatch().equals(this.getFieldToMatch()) == false)
return false;
if (other.getTextTransformation() == null ^ this.getTextTransformation() == null)
return false;
if (other.getTextTransformation() != null && other.getTextTransformation().equals(this.getTextTransformation()) == false)
return false;
return true;
}
@Override
public int hashCode() {
final int prime = 31;
int hashCode = 1;
hashCode = prime * hashCode + ((getFieldToMatch() == null) ? 0 : getFieldToMatch().hashCode());
hashCode = prime * hashCode + ((getTextTransformation() == null) ? 0 : getTextTransformation().hashCode());
return hashCode;
}
@Override
public XssMatchTuple clone() {
try {
return (XssMatchTuple) super.clone();
} catch (CloneNotSupportedException e) {
throw new IllegalStateException("Got a CloneNotSupportedException from Object.clone() " + "even though we're Cloneable!", e);
}
}
@com.amazonaws.annotation.SdkInternalApi
@Override
public void marshall(ProtocolMarshaller protocolMarshaller) {
com.amazonaws.services.waf.model.waf_regional.transform.XssMatchTupleMarshaller.getInstance().marshall(this, protocolMarshaller);
}
}