Skip to content

Commit

Permalink
Ruleset Engine: fix links to specific fields and functions
Browse files Browse the repository at this point in the history
  • Loading branch information
nikitacano committed Aug 14, 2024
1 parent edbd037 commit af7e3ff
Show file tree
Hide file tree
Showing 34 changed files with 98 additions and 98 deletions.
2 changes: 1 addition & 1 deletion src/content/docs/bots/troubleshooting.mdx
Original file line number Diff line number Diff line change
Expand Up @@ -90,7 +90,7 @@ Cloudflare has built an allowlist of good, automated bots, e.g. Google Search En

This allowlist is large based on reverse DNS verification, meaning that the IPs we allow really match the requesting service. In addition to this, Cloudflare uses multiple validation methods including ASN blocks and public lists. If none of these validation types are available for a customer, we use internal Cloudflare data and machine learning to identify legitimate IP addresses from good bots.

To allow traffic from good bots, use the [Verified Bot](/ruleset-engine/rules-language/fields/#field-cf-bot_management-verified_bot) field in your WAF custom rule.
To allow traffic from good bots, use the [Verified Bot](/ruleset-engine/rules-language/fields/#cf-bot_management-verified_bot) field in your WAF custom rule.


***
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -84,7 +84,7 @@ addEventListener('fetch', event => {

## Accessing custom metadata in a rule expression

Use the [`cf.hostname.metadata`](/ruleset-engine/rules-language/fields/#field-cf-hostname-metadata) field to access the metadata object in rule expressions. To obtain the different values from the JSON object, use the [`lookup_json_string`](/ruleset-engine/rules-language/functions/#function-lookup_json_string) function.
Use the [`cf.hostname.metadata`](/ruleset-engine/rules-language/fields/#cf-hostname-metadata) field to access the metadata object in rule expressions. To obtain the different values from the JSON object, use the [`lookup_json_string`](/ruleset-engine/rules-language/functions/#lookup_json_string) function.

The following rule expression defines that there will be a rule match if the `security_tag` value in custom metadata contains the value `low`:

Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -35,9 +35,9 @@ import { GlossaryTooltip } from "~/components"
* **Protocol** (HTTP protocol version)
* **Request headers**
* **Cookies**
* **Geolocation** (request source [country](/ruleset-engine/rules-language/fields/#field-ip-src-country), [region](/ruleset-engine/rules-language/fields/#field-ip-src-region_code), and [city](/ruleset-engine/rules-language/fields/#field-ip-src-city))
* **Geolocation** (request source [country](/ruleset-engine/rules-language/fields/#ip-src-country), [region](/ruleset-engine/rules-language/fields/#ip-src-region_code), and [city](/ruleset-engine/rules-language/fields/#ip-src-city))
* [**Bot score**](/bots/concepts/bot-score/)
* <GlossaryTooltip term="threat score" link="/ruleset-engine/rules-language/fields/#field-cf-threat_score">**Threat score**</GlossaryTooltip>
* <GlossaryTooltip term="threat score" link="/ruleset-engine/rules-language/fields/#cf-threat_score">**Threat score**</GlossaryTooltip>
* **Request body** (for `POST`, `PUT`, and `PATCH` requests)
* **Skip challenge** (skips a Cloudflare-issued [challenge](/waf/reference/cloudflare-challenges/), if any, allowing the trace to continue)

Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -142,7 +142,7 @@ The intended purpose of this header is to provide a means for recipients (for ex
:::note


When configuring WAF custom rules, do not match on this header. These rules are applied before Cloudflare adds the `CF-Worker` header. Instead, use the [`cf.worker.upstream_zone`](/ruleset-engine/rules-language/fields/#field-cf-worker-upstream_zone) dynamic field, which contains the same value and exists for the same purpose.
When configuring WAF custom rules, do not match on this header. These rules are applied before Cloudflare adds the `CF-Worker` header. Instead, use the [`cf.worker.upstream_zone`](/ruleset-engine/rules-language/fields/#cf-worker-upstream_zone) dynamic field, which contains the same value and exists for the same purpose.


:::
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -91,7 +91,7 @@ Many of these fields are referenced from the [Rules language documentation](/rul
</thead>
<tbody>
<tr id="field-http-cookie">
<td valign="top"><a href="/ruleset-engine/rules-language/fields/#field-http-cookie"><code>http.cookie</code></a><br />`String`</td>
<td valign="top"><a href="/ruleset-engine/rules-language/fields/#http-cookie"><code>http.cookie</code></a><br />`String`</td>
<td>(<a href="/load-balancing/additional-options/load-balancing-rules/expressions/#expression-editor">Manual entry only</a>)</td>
<td>
<p>Represents the entire cookie as a string.</p>
Expand All @@ -102,7 +102,7 @@ Many of these fields are referenced from the [Rules language documentation](/rul
</td>
</tr>
<tr id="field-http-host">
<td valign="top"><a href="/ruleset-engine/rules-language/fields/#field-http-host"><code>http.host</code></a><br />`String`</td>
<td valign="top"><a href="/ruleset-engine/rules-language/fields/#http-host"><code>http.host</code></a><br />`String`</td>
<td>(<a href="/load-balancing/additional-options/load-balancing-rules/expressions/#expression-editor">Manual entry only</a>)</td>
<td>
<p>Represents the hostname used in the full request URI.</p>
Expand All @@ -113,7 +113,7 @@ Many of these fields are referenced from the [Rules language documentation](/rul
</td>
</tr>
<tr id="field-http-referer">
<td valign="top"><a href="/ruleset-engine/rules-language/fields/#field-http-referer"><code>http.referer</code></a><br />`String`</td>
<td valign="top"><a href="/ruleset-engine/rules-language/fields/#http-referer"><code>http.referer</code></a><br />`String`</td>
<td>(<a href="/load-balancing/additional-options/load-balancing-rules/expressions/#expression-editor">Manual entry only</a>)</td>
<td>
<p>Represents the HTTP Referer request header, which contains the address of the web page that linked to the currently requested page.</p>
Expand All @@ -124,7 +124,7 @@ Many of these fields are referenced from the [Rules language documentation](/rul
</td>
</tr>
<tr id="field-http-request-headers">
<td valign="top"><a href="/ruleset-engine/rules-language/fields/#field-http-request-headers"><code>http.request.headers</code></a><br />`Map<Array<String>>`</td>
<td valign="top"><a href="/ruleset-engine/rules-language/fields/#http-request-headers"><code>http.request.headers</code></a><br />`Map<Array<String>>`</td>
<td><code>Header</code></td>
<td>
<p>Represents HTTP request headers as a Map (or associative array).</p>
Expand All @@ -146,7 +146,7 @@ Many of these fields are referenced from the [Rules language documentation](/rul
</td>
</tr>
<tr id="field-http-request-method">
<td valign="top"><a href="/ruleset-engine/rules-language/fields/#field-http-request-method"><code>http.request.method</code></a><br />`String`</td>
<td valign="top"><a href="/ruleset-engine/rules-language/fields/#http-request-method"><code>http.request.method</code></a><br />`String`</td>
<td><code>Request Method</code></td>
<td>
<p>Represents the HTTP method, returned as a string of uppercase characters.</p>
Expand All @@ -157,7 +157,7 @@ Many of these fields are referenced from the [Rules language documentation](/rul
</td>
</tr>
<tr id="field-http-request-timestamp-sec">
<td valign="top"><a href="/ruleset-engine/rules-language/fields/#field-http-request-timestamp-sec"><code>http.request.timestamp.sec</code></a><br />`Integer`</td>
<td valign="top"><a href="/ruleset-engine/rules-language/fields/#http-request-timestamp-sec"><code>http.request.timestamp.sec</code></a><br />`Integer`</td>
<td><code>Timestamp</code></td>
<td>
<p>Represents the timestamp when Cloudflare received the request, expressed as Unix time in seconds. This value is 10 digits long.</p>
Expand All @@ -168,7 +168,7 @@ Many of these fields are referenced from the [Rules language documentation](/rul
</td>
</tr>
<tr id="field-http-request-uri">
<td valign="top"><a href="/ruleset-engine/rules-language/fields/#field-http-request-uri"><code>http.request.uri</code></a><br />`String`</td>
<td valign="top"><a href="/ruleset-engine/rules-language/fields/#http-request-uri"><code>http.request.uri</code></a><br />`String`</td>
<td><code>URI</code></td>
<td>
<p>Represents the URI path and query string of the request.</p>
Expand All @@ -179,7 +179,7 @@ Many of these fields are referenced from the [Rules language documentation](/rul
</td>
</tr>
<tr id="field-http-request-uri-args">
<td valign="top"><a href="/ruleset-engine/rules-language/fields/#field-http-request-uri-args"><code>http.request.uri.args</code></a><br />`Map<Array<String>>`</td>
<td valign="top"><a href="/ruleset-engine/rules-language/fields/#http-request-uri-args"><code>http.request.uri.args</code></a><br />`Map<Array<String>>`</td>
<td>(<a href="/load-balancing/additional-options/load-balancing-rules/expressions/#expression-editor">Manual entry only</a>)</td>
<td>
<p>Represents the HTTP URI arguments associated with a request as a Map (associative array).</p>
Expand All @@ -202,7 +202,7 @@ Many of these fields are referenced from the [Rules language documentation](/rul
</td>
</tr>
<tr id="field-http-request-uri-args-names">
<td valign="top"><a href="/ruleset-engine/rules-language/fields/#field-http-request-uri-args-names"><code>http.request.uri.args.names</code></a><br />`Array<String>`</td>
<td valign="top"><a href="/ruleset-engine/rules-language/fields/#http-request-uri-args-names"><code>http.request.uri.args.names</code></a><br />`Array<String>`</td>
<td>(<a href="/load-balancing/additional-options/load-balancing-rules/expressions/#expression-editor">Manual entry only</a>)</td>
<td>
<p>Represents the names of the arguments in the HTTP URI query string. The names are not pre-processed and retain the original case used in the request.</p>
Expand All @@ -222,7 +222,7 @@ Many of these fields are referenced from the [Rules language documentation](/rul
</td>
</tr>
<tr id="field-http-request-uri-args-values">
<td valign="top"><a href="/ruleset-engine/rules-language/fields/#field-http-request-uri-args-values"><code>http.request.uri.args.values</code></a><br />`Array<String>`</td>
<td valign="top"><a href="/ruleset-engine/rules-language/fields/#http-request-uri-args-values"><code>http.request.uri.args.values</code></a><br />`Array<String>`</td>
<td>(<a href="/load-balancing/additional-options/load-balancing-rules/expressions/#expression-editor">Manual entry only</a>)</td>
<td>
<p>Represents the values of arguments in the HTTP URI query string. The values are not pre-processed and retain the original case used in the request. They are in the same order as in the request.</p>
Expand All @@ -242,7 +242,7 @@ Many of these fields are referenced from the [Rules language documentation](/rul
</td>
</tr>
<tr id="field-http-request-uri-path">
<td valign="top"><a href="/ruleset-engine/rules-language/fields/#field-http-request-uri-path"><code>http.request.uri.path</code></a><br />`String`</td>
<td valign="top"><a href="/ruleset-engine/rules-language/fields/#http-request-uri-path"><code>http.request.uri.path</code></a><br />`String`</td>
<td><code>URI Path</code></td>
<td>
<p>Represents the URI path of the request.</p>
Expand All @@ -253,7 +253,7 @@ Many of these fields are referenced from the [Rules language documentation](/rul
</td>
</tr>
<tr id="field-http-request-uri-query">
<td valign="top"><a href="/ruleset-engine/rules-language/fields/#field-http-request-uri-query"><code>http.request.uri.query</code></a><br />`String`</td>
<td valign="top"><a href="/ruleset-engine/rules-language/fields/#http-request-uri-query"><code>http.request.uri.query</code></a><br />`String`</td>
<td><code>URI Query</code></td>
<td>
<p>Represents the entire query string, without the <code class="InlineCode">?</code> delimiter.</p>
Expand All @@ -264,7 +264,7 @@ Many of these fields are referenced from the [Rules language documentation](/rul
</td>
</tr>
<tr id="field-http-request-version">
<td valign="top"><a href="/ruleset-engine/rules-language/fields/#field-http-request-version"><code>http.request.version</code></a><br />`String`</td>
<td valign="top"><a href="/ruleset-engine/rules-language/fields/#http-request-version"><code>http.request.version</code></a><br />`String`</td>
<td><code>HTTP Version</code></td>
<td>
<p>Represents the version of the HTTP protocol used. Use this field when you require different checks for different versions.</p>
Expand Down
6 changes: 3 additions & 3 deletions src/content/docs/rules/compression-rules/index.mdx
Original file line number Diff line number Diff line change
Expand Up @@ -39,9 +39,9 @@ The following fields are commonly used in expressions of compression rules:

| Field in [Expression Builder](/ruleset-engine/rules-language/expressions/edit-expressions/#expression-builder) | Field name |
| -------------------------------------------------------------------------------------------------------------- | ----------------------------------------------------------------------------------------------------------------------------- |
| *Media Type* | [`http.response.content_type.media_type`](/ruleset-engine/rules-language/fields/#field-http-response-content_type-media_type) |
| *File extension* | [`http.request.uri.path.extension`](/ruleset-engine/rules-language/fields/#field-http-request-uri-path-extension) |
| N/A | [`raw.http.request.uri.path.extension`](/ruleset-engine/rules-language/fields/#field-raw-http-request-uri-path-extension) |
| *Media Type* | [`http.response.content_type.media_type`](/ruleset-engine/rules-language/fields/#http-response-content_type-media_type) |
| *File extension* | [`http.request.uri.path.extension`](/ruleset-engine/rules-language/fields/#http-request-uri-path-extension) |
| N/A | [`raw.http.request.uri.path.extension`](/ruleset-engine/rules-language/fields/#raw-http-request-uri-path-extension) |



Expand Down
4 changes: 2 additions & 2 deletions src/content/docs/rules/custom-error-responses/create-api.mdx
Original file line number Diff line number Diff line change
Expand Up @@ -34,9 +34,9 @@ Follow this workflow to create a custom error response rule for a given zone via

The examples in this section use the following fields in their rule expressions:

* [`http.response.code`](/ruleset-engine/rules-language/fields/#field-http-response-code): Represents the HTTP status code returned to the client, either set by a Cloudflare product or returned by the origin server. Use this field to customize the error response for error codes returned by the origin server or by a Cloudflare product such as a Worker.
* [`http.response.code`](/ruleset-engine/rules-language/fields/#http-response-code): Represents the HTTP status code returned to the client, either set by a Cloudflare product or returned by the origin server. Use this field to customize the error response for error codes returned by the origin server or by a Cloudflare product such as a Worker.

* [`cf.response.1xxx_code`](/ruleset-engine/rules-language/fields/#field-cf-response-1xxx_code): Contains the specific error code for Cloudflare-generated errors. This field will only work for Cloudflare-generated errors such as [52x](/support/troubleshooting/cloudflare-errors/troubleshooting-cloudflare-5xx-errors/) and [1xxx](/support/troubleshooting/cloudflare-errors/troubleshooting-cloudflare-1xxx-errors/).
* [`cf.response.1xxx_code`](/ruleset-engine/rules-language/fields/#cf-response-1xxx_code): Contains the specific error code for Cloudflare-generated errors. This field will only work for Cloudflare-generated errors such as [52x](/support/troubleshooting/cloudflare-errors/troubleshooting-cloudflare-5xx-errors/) and [1xxx](/support/troubleshooting/cloudflare-errors/troubleshooting-cloudflare-1xxx-errors/).

### Custom JSON response for all 5xx errors

Expand Down
2 changes: 1 addition & 1 deletion src/content/docs/rules/reference/troubleshooting.mdx
Original file line number Diff line number Diff line change
Expand Up @@ -16,7 +16,7 @@ import { Example } from "~/components"

If you are issuing a [challenge](/waf/reference/cloudflare-challenges/) for a given URI path that has one or more Rules features enabled, you should exclude URI paths starting with `/cdn-cgi/challenge-platform/` in your rule expressions to avoid challenge loops.

For example, define a compound expression for your rule using the `and` operator and the [`starts_with()`](/ruleset-engine/rules-language/functions/#function-starts_with) function:
For example, define a compound expression for your rule using the `and` operator and the [`starts_with()`](/ruleset-engine/rules-language/functions/#starts_with) function:

```txt
<OTHER_RULE_CONDITIONS> and not starts_with(http.request.uri, "/cdn-cgi/challenge-platform/")
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -14,7 +14,7 @@ description: Create a rewrite URL rule (part of Transform Rules) to rewrite

import { Example } from "~/components"

To rewrite everything under `/blog/<PATH>` to `/marketing/<PATH>` you must modify the first component of the path (`/blog/`). Create a rewrite URL rule and use the [`regex_replace()`](/ruleset-engine/rules-language/functions/#function-regex_replace) function for this purpose:
To rewrite everything under `/blog/<PATH>` to `/marketing/<PATH>` you must modify the first component of the path (`/blog/`). Create a rewrite URL rule and use the [`regex_replace()`](/ruleset-engine/rules-language/functions/#regex_replace) function for this purpose:

<Example>

Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -32,4 +32,4 @@ concat("/archive", http.request.uri.path)

</Example>

The filter uses the [`starts_with()`](/ruleset-engine/rules-language/functions/#function-starts_with) function all paths starting with `/news/2012/`. The dynamic path rewrite uses the [`concat()`](/ruleset-engine/rules-language/functions/#function-concat) function to concatenate a prefix to the original URL path of the HTTP request.
The filter uses the [`starts_with()`](/ruleset-engine/rules-language/functions/#starts_with) function all paths starting with `/news/2012/`. The dynamic path rewrite uses the [`concat()`](/ruleset-engine/rules-language/functions/#concat) function to concatenate a prefix to the original URL path of the HTTP request.
Loading

0 comments on commit af7e3ff

Please sign in to comment.