Package software.amazon.awssdk.services.wafv2.model

Class SqliMatchStatement

    • Method Detail

      • fieldToMatch

        public final FieldToMatch fieldToMatch()

        The part of the web request that you want WAF to inspect.

        Returns:
        The part of the web request that you want WAF to inspect.

      • hasTextTransformations

        public final boolean hasTextTransformations()
        For responses, this returns true if the service returned a value for the TextTransformations property. This DOES NOT check that the value is non-empty (for which, you should check the isEmpty() method on the property). This is useful because the SDK will never return a null collection or map, but you may need to differentiate between the service returning nothing (or null) and the service returning an empty collection or map. For requests, this returns true if a value for the property was specified in the request builder, and false if a value was not specified.

      • textTransformations

        public final List<TextTransformation> textTransformations()

        Text transformations eliminate some of the unusual formatting that attackers use in web requests in an effort to bypass detection. Text transformations are used in rule match statements, to transform the FieldToMatch request component before inspecting it, and they're used in rate-based rule statements, to transform request components before using them as custom aggregation keys. If you specify one or more transformations to apply, WAF performs all transformations on the specified content, starting from the lowest priority setting, and then uses the transformed component contents.

        Attempts to modify the collection returned by this method will result in an UnsupportedOperationException.

        This method will never return null. If you would like to know whether the service returned this field (so that you can differentiate between null and empty), you can use the hasTextTransformations() method.

        Returns:
        Text transformations eliminate some of the unusual formatting that attackers use in web requests in an effort to bypass detection. Text transformations are used in rule match statements, to transform the FieldToMatch request component before inspecting it, and they're used in rate-based rule statements, to transform request components before using them as custom aggregation keys. If you specify one or more transformations to apply, WAF performs all transformations on the specified content, starting from the lowest priority setting, and then uses the transformed component contents.

      • sensitivityLevel

        public final SensitivityLevel sensitivityLevel()

        The sensitivity that you want WAF to use to inspect for SQL injection attacks.

        HIGH detects more attacks, but might generate more false positives, especially if your web requests frequently contain unusual strings. For information about identifying and mitigating false positives, see Testing and tuning in the WAF Developer Guide.

        LOW is generally a better choice for resources that already have other protections against SQL injection attacks or that have a low tolerance for false positives.

        Default: LOW

        If the service returns an enum value that is not available in the current SDK version, sensitivityLevel will return SensitivityLevel.UNKNOWN_TO_SDK_VERSION. The raw value returned by the service is available from sensitivityLevelAsString().

        Returns:
        The sensitivity that you want WAF to use to inspect for SQL injection attacks.

        HIGH detects more attacks, but might generate more false positives, especially if your web requests frequently contain unusual strings. For information about identifying and mitigating false positives, see Testing and tuning in the WAF Developer Guide.

        LOW is generally a better choice for resources that already have other protections against SQL injection attacks or that have a low tolerance for false positives.

        Default: LOW

        See Also:
        SensitivityLevel

      • sensitivityLevelAsString

        public final String sensitivityLevelAsString()

        The sensitivity that you want WAF to use to inspect for SQL injection attacks.

        HIGH detects more attacks, but might generate more false positives, especially if your web requests frequently contain unusual strings. For information about identifying and mitigating false positives, see Testing and tuning in the WAF Developer Guide.

        LOW is generally a better choice for resources that already have other protections against SQL injection attacks or that have a low tolerance for false positives.

        Default: LOW

        If the service returns an enum value that is not available in the current SDK version, sensitivityLevel will return SensitivityLevel.UNKNOWN_TO_SDK_VERSION. The raw value returned by the service is available from sensitivityLevelAsString().

        Returns:
        The sensitivity that you want WAF to use to inspect for SQL injection attacks.

        HIGH detects more attacks, but might generate more false positives, especially if your web requests frequently contain unusual strings. For information about identifying and mitigating false positives, see Testing and tuning in the WAF Developer Guide.

        LOW is generally a better choice for resources that already have other protections against SQL injection attacks or that have a low tolerance for false positives.

        Default: LOW

        See Also:
        SensitivityLevel

      • hashCode

        public final int hashCode()
        Overrides:
        hashCode in class Object

      • equals

        public final boolean equals​(Object obj)
        Overrides:
        equals in class Object

      • toString

        public final String toString()
        Returns a string representation of this object. This is useful for testing and debugging. Sensitive data will be redacted from this string using a placeholder value.
        Overrides:
        toString in class Object

      • getValueForField

        public final <T> Optional<T> getValueForField​(String fieldName,
                                              Class<T> clazz)