Statement class

The processing guidance for a Rule, used by AWS WAF to determine whether a web request matches the rule.

Constructors

Statement({AndStatement? andStatement, ByteMatchStatement? byteMatchStatement, GeoMatchStatement? geoMatchStatement, IPSetReferenceStatement? iPSetReferenceStatement, ManagedRuleGroupStatement? managedRuleGroupStatement, NotStatement? notStatement, OrStatement? orStatement, RateBasedStatement? rateBasedStatement, RegexPatternSetReferenceStatement? regexPatternSetReferenceStatement, RuleGroupReferenceStatement? ruleGroupReferenceStatement, SizeConstraintStatement? sizeConstraintStatement, SqliMatchStatement? sqliMatchStatement, XssMatchStatement? xssMatchStatement})

Statement.fromJson(Map<String, dynamic> json)

factory

Properties

andStatement → AndStatement?

A logical rule statement used to combine other rule statements with AND logic. You provide more than one Statement within the AndStatement.

final

byteMatchStatement → ByteMatchStatement?

A rule statement that defines a string match search for AWS WAF to apply to web requests. The byte match statement provides the bytes to search for, the location in requests that you want AWS WAF to search, and other settings. The bytes to search for are typically a string that corresponds with ASCII characters. In the AWS WAF console and the developer guide, this is refered to as a string match statement.

final

geoMatchStatement → GeoMatchStatement?

A rule statement used to identify web requests based on country of origin.

final

hashCode → int

The hash code for this object.

no setter, inherited

iPSetReferenceStatement → IPSetReferenceStatement?

A rule statement used to detect web requests coming from particular IP addresses or address ranges. To use this, create an IPSet that specifies the addresses you want to detect, then use the ARN of that set in this statement. To create an IP set, see CreateIPSet.

final

managedRuleGroupStatement → ManagedRuleGroupStatement?

A rule statement used to run the rules that are defined in a managed rule group. To use this, provide the vendor name and the name of the rule group in this statement. You can retrieve the required names by calling ListAvailableManagedRuleGroups.

final

notStatement → NotStatement?

A logical rule statement used to negate the results of another rule statement. You provide one Statement within the NotStatement.

final

orStatement → OrStatement?

A logical rule statement used to combine other rule statements with OR logic. You provide more than one Statement within the OrStatement.

final

rateBasedStatement → RateBasedStatement?

A rate-based rule tracks the rate of requests for each originating IP address, and triggers the rule action when the rate exceeds a limit that you specify on the number of requests in any 5-minute time span. You can use this to put a temporary block on requests from an IP address that is sending excessive requests.

final

regexPatternSetReferenceStatement → RegexPatternSetReferenceStatement?

A rule statement used to search web request components for matches with regular expressions. To use this, create a RegexPatternSet that specifies the expressions that you want to detect, then use the ARN of that set in this statement. A web request matches the pattern set rule statement if the request component matches any of the patterns in the set. To create a regex pattern set, see CreateRegexPatternSet.

final

ruleGroupReferenceStatement → RuleGroupReferenceStatement?

A rule statement used to run the rules that are defined in a RuleGroup. To use this, create a rule group with your rules, then provide the ARN of the rule group in this statement.

final

runtimeType → Type

A representation of the runtime type of the object.

no setter, inherited

sizeConstraintStatement → SizeConstraintStatement?

A rule statement that compares a number of bytes against the size of a request component, using a comparison operator, such as greater than (>) or less than (<). For example, you can use a size constraint statement to look for query strings that are longer than 100 bytes.

final

sqliMatchStatement → SqliMatchStatement?

Attackers sometimes insert malicious SQL code into web requests in an effort to extract data from your database. To allow or block web requests that appear to contain malicious SQL code, create one or more SQL injection match conditions. An SQL injection match condition identifies the part of web requests, such as the URI or the query string, that you want AWS WAF to inspect. Later in the process, when you create a web ACL, you specify whether to allow or block requests that appear to contain malicious SQL code.

final

xssMatchStatement → XssMatchStatement?

A rule statement that defines a cross-site scripting (XSS) match search for AWS WAF to apply to web requests. XSS attacks are those where the attacker uses vulnerabilities in a benign website as a vehicle to inject malicious client-site scripts into other legitimate web browsers. The XSS match statement provides the location in requests that you want AWS WAF to search and text transformations to use on the search area before AWS WAF searches for character sequences that are likely to be malicious strings.

final

Methods

noSuchMethod(Invocation invocation) → dynamic

Invoked when a nonexistent method or property is accessed.

inherited

toJson() → Map<String, dynamic>

toString() → String

A string representation of this object.

inherited

Operators

operator ==(Object other) → bool

The equality operator.

inherited