{-# LANGUAGE DeriveGeneric #-} {-# LANGUAGE DuplicateRecordFields #-} {-# LANGUAGE NamedFieldPuns #-} {-# LANGUAGE OverloadedStrings #-} {-# LANGUAGE RecordWildCards #-} {-# LANGUAGE StrictData #-} {-# LANGUAGE NoImplicitPrelude #-} {-# OPTIONS_GHC -fno-warn-unused-imports #-} {-# OPTIONS_GHC -fno-warn-unused-matches #-} -- Derived from AWS service descriptions, licensed under Apache 2.0. -- | -- Module : Amazonka.WAF.Types.SqlInjectionMatchTuple -- Copyright : (c) 2013-2021 Brendan Hay -- License : Mozilla Public License, v. 2.0. -- Maintainer : Brendan Hay <brendan.g.hay+amazonka@gmail.com> -- Stability : auto-generated -- Portability : non-portable (GHC extensions) module Amazonka.WAF.Types.SqlInjectionMatchTuple where import qualified Amazonka.Core as Core import qualified Amazonka.Lens as Lens import qualified Amazonka.Prelude as Prelude import Amazonka.WAF.Types.FieldToMatch import Amazonka.WAF.Types.TextTransformation -- | This is __AWS WAF Classic__ documentation. For more information, see -- <https://docs.aws.amazon.com/waf/latest/developerguide/classic-waf-chapter.html AWS WAF Classic> -- in the developer guide. -- -- __For the latest version of AWS WAF__, use the AWS WAFV2 API and see the -- <https://docs.aws.amazon.com/waf/latest/developerguide/waf-chapter.html AWS WAF Developer Guide>. -- With the latest version, AWS WAF has a single set of endpoints for -- regional and global use. -- -- Specifies the part of a web request that you want AWS WAF to inspect for -- snippets of malicious SQL code and, if you want AWS WAF to inspect a -- header, the name of the header. -- -- /See:/ 'newSqlInjectionMatchTuple' smart constructor. data SqlInjectionMatchTuple = SqlInjectionMatchTuple' { -- | Specifies where in a web request to look for snippets of malicious SQL -- code. SqlInjectionMatchTuple -> FieldToMatch fieldToMatch :: FieldToMatch, -- | Text transformations eliminate some of the unusual formatting that -- attackers use in web requests in an effort to bypass AWS WAF. If you -- specify a transformation, AWS WAF performs the transformation on -- @FieldToMatch@ before inspecting it for a match. -- -- You can only specify a single type of TextTransformation. -- -- __CMD_LINE__ -- -- When you\'re concerned that attackers are injecting an operating system -- command line command and using unusual formatting to disguise some or -- all of the command, use this option to perform the following -- transformations: -- -- - Delete the following characters: \\ \" \' ^ -- -- - Delete spaces before the following characters: \/ ( -- -- - Replace the following characters with a space: , ; -- -- - Replace multiple spaces with one space -- -- - Convert uppercase letters (A-Z) to lowercase (a-z) -- -- __COMPRESS_WHITE_SPACE__ -- -- Use this option to replace the following characters with a space -- character (decimal 32): -- -- - \\f, formfeed, decimal 12 -- -- - \\t, tab, decimal 9 -- -- - \\n, newline, decimal 10 -- -- - \\r, carriage return, decimal 13 -- -- - \\v, vertical tab, decimal 11 -- -- - non-breaking space, decimal 160 -- -- @COMPRESS_WHITE_SPACE@ also replaces multiple spaces with one space. -- -- __HTML_ENTITY_DECODE__ -- -- Use this option to replace HTML-encoded characters with unencoded -- characters. @HTML_ENTITY_DECODE@ performs the following operations: -- -- - Replaces @(ampersand)quot;@ with @\"@ -- -- - Replaces @(ampersand)nbsp;@ with a non-breaking space, decimal 160 -- -- - Replaces @(ampersand)lt;@ with a \"less than\" symbol -- -- - Replaces @(ampersand)gt;@ with @>@ -- -- - Replaces characters that are represented in hexadecimal format, -- @(ampersand)#xhhhh;@, with the corresponding characters -- -- - Replaces characters that are represented in decimal format, -- @(ampersand)#nnnn;@, with the corresponding characters -- -- __LOWERCASE__ -- -- Use this option to convert uppercase letters (A-Z) to lowercase (a-z). -- -- __URL_DECODE__ -- -- Use this option to decode a URL-encoded value. -- -- __NONE__ -- -- Specify @NONE@ if you don\'t want to perform any text transformations. SqlInjectionMatchTuple -> TextTransformation textTransformation :: TextTransformation } deriving (SqlInjectionMatchTuple -> SqlInjectionMatchTuple -> Bool (SqlInjectionMatchTuple -> SqlInjectionMatchTuple -> Bool) -> (SqlInjectionMatchTuple -> SqlInjectionMatchTuple -> Bool) -> Eq SqlInjectionMatchTuple forall a. (a -> a -> Bool) -> (a -> a -> Bool) -> Eq a /= :: SqlInjectionMatchTuple -> SqlInjectionMatchTuple -> Bool $c/= :: SqlInjectionMatchTuple -> SqlInjectionMatchTuple -> Bool == :: SqlInjectionMatchTuple -> SqlInjectionMatchTuple -> Bool $c== :: SqlInjectionMatchTuple -> SqlInjectionMatchTuple -> Bool Prelude.Eq, ReadPrec [SqlInjectionMatchTuple] ReadPrec SqlInjectionMatchTuple Int -> ReadS SqlInjectionMatchTuple ReadS [SqlInjectionMatchTuple] (Int -> ReadS SqlInjectionMatchTuple) -> ReadS [SqlInjectionMatchTuple] -> ReadPrec SqlInjectionMatchTuple -> ReadPrec [SqlInjectionMatchTuple] -> Read SqlInjectionMatchTuple forall a. (Int -> ReadS a) -> ReadS [a] -> ReadPrec a -> ReadPrec [a] -> Read a readListPrec :: ReadPrec [SqlInjectionMatchTuple] $creadListPrec :: ReadPrec [SqlInjectionMatchTuple] readPrec :: ReadPrec SqlInjectionMatchTuple $creadPrec :: ReadPrec SqlInjectionMatchTuple readList :: ReadS [SqlInjectionMatchTuple] $creadList :: ReadS [SqlInjectionMatchTuple] readsPrec :: Int -> ReadS SqlInjectionMatchTuple $creadsPrec :: Int -> ReadS SqlInjectionMatchTuple Prelude.Read, Int -> SqlInjectionMatchTuple -> ShowS [SqlInjectionMatchTuple] -> ShowS SqlInjectionMatchTuple -> String (Int -> SqlInjectionMatchTuple -> ShowS) -> (SqlInjectionMatchTuple -> String) -> ([SqlInjectionMatchTuple] -> ShowS) -> Show SqlInjectionMatchTuple forall a. (Int -> a -> ShowS) -> (a -> String) -> ([a] -> ShowS) -> Show a showList :: [SqlInjectionMatchTuple] -> ShowS $cshowList :: [SqlInjectionMatchTuple] -> ShowS show :: SqlInjectionMatchTuple -> String $cshow :: SqlInjectionMatchTuple -> String showsPrec :: Int -> SqlInjectionMatchTuple -> ShowS $cshowsPrec :: Int -> SqlInjectionMatchTuple -> ShowS Prelude.Show, (forall x. SqlInjectionMatchTuple -> Rep SqlInjectionMatchTuple x) -> (forall x. Rep SqlInjectionMatchTuple x -> SqlInjectionMatchTuple) -> Generic SqlInjectionMatchTuple forall x. Rep SqlInjectionMatchTuple x -> SqlInjectionMatchTuple forall x. SqlInjectionMatchTuple -> Rep SqlInjectionMatchTuple x forall a. (forall x. a -> Rep a x) -> (forall x. Rep a x -> a) -> Generic a $cto :: forall x. Rep SqlInjectionMatchTuple x -> SqlInjectionMatchTuple $cfrom :: forall x. SqlInjectionMatchTuple -> Rep SqlInjectionMatchTuple x Prelude.Generic) -- | -- Create a value of 'SqlInjectionMatchTuple' with all optional fields omitted. -- -- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields. -- -- The following record fields are available, with the corresponding lenses provided -- for backwards compatibility: -- -- 'fieldToMatch', 'sqlInjectionMatchTuple_fieldToMatch' - Specifies where in a web request to look for snippets of malicious SQL -- code. -- -- 'textTransformation', 'sqlInjectionMatchTuple_textTransformation' - Text transformations eliminate some of the unusual formatting that -- attackers use in web requests in an effort to bypass AWS WAF. If you -- specify a transformation, AWS WAF performs the transformation on -- @FieldToMatch@ before inspecting it for a match. -- -- You can only specify a single type of TextTransformation. -- -- __CMD_LINE__ -- -- When you\'re concerned that attackers are injecting an operating system -- command line command and using unusual formatting to disguise some or -- all of the command, use this option to perform the following -- transformations: -- -- - Delete the following characters: \\ \" \' ^ -- -- - Delete spaces before the following characters: \/ ( -- -- - Replace the following characters with a space: , ; -- -- - Replace multiple spaces with one space -- -- - Convert uppercase letters (A-Z) to lowercase (a-z) -- -- __COMPRESS_WHITE_SPACE__ -- -- Use this option to replace the following characters with a space -- character (decimal 32): -- -- - \\f, formfeed, decimal 12 -- -- - \\t, tab, decimal 9 -- -- - \\n, newline, decimal 10 -- -- - \\r, carriage return, decimal 13 -- -- - \\v, vertical tab, decimal 11 -- -- - non-breaking space, decimal 160 -- -- @COMPRESS_WHITE_SPACE@ also replaces multiple spaces with one space. -- -- __HTML_ENTITY_DECODE__ -- -- Use this option to replace HTML-encoded characters with unencoded -- characters. @HTML_ENTITY_DECODE@ performs the following operations: -- -- - Replaces @(ampersand)quot;@ with @\"@ -- -- - Replaces @(ampersand)nbsp;@ with a non-breaking space, decimal 160 -- -- - Replaces @(ampersand)lt;@ with a \"less than\" symbol -- -- - Replaces @(ampersand)gt;@ with @>@ -- -- - Replaces characters that are represented in hexadecimal format, -- @(ampersand)#xhhhh;@, with the corresponding characters -- -- - Replaces characters that are represented in decimal format, -- @(ampersand)#nnnn;@, with the corresponding characters -- -- __LOWERCASE__ -- -- Use this option to convert uppercase letters (A-Z) to lowercase (a-z). -- -- __URL_DECODE__ -- -- Use this option to decode a URL-encoded value. -- -- __NONE__ -- -- Specify @NONE@ if you don\'t want to perform any text transformations. newSqlInjectionMatchTuple :: -- | 'fieldToMatch' FieldToMatch -> -- | 'textTransformation' TextTransformation -> SqlInjectionMatchTuple newSqlInjectionMatchTuple :: FieldToMatch -> TextTransformation -> SqlInjectionMatchTuple newSqlInjectionMatchTuple FieldToMatch pFieldToMatch_ TextTransformation pTextTransformation_ = SqlInjectionMatchTuple' :: FieldToMatch -> TextTransformation -> SqlInjectionMatchTuple SqlInjectionMatchTuple' { $sel:fieldToMatch:SqlInjectionMatchTuple' :: FieldToMatch fieldToMatch = FieldToMatch pFieldToMatch_, $sel:textTransformation:SqlInjectionMatchTuple' :: TextTransformation textTransformation = TextTransformation pTextTransformation_ } -- | Specifies where in a web request to look for snippets of malicious SQL -- code. sqlInjectionMatchTuple_fieldToMatch :: Lens.Lens' SqlInjectionMatchTuple FieldToMatch sqlInjectionMatchTuple_fieldToMatch :: (FieldToMatch -> f FieldToMatch) -> SqlInjectionMatchTuple -> f SqlInjectionMatchTuple sqlInjectionMatchTuple_fieldToMatch = (SqlInjectionMatchTuple -> FieldToMatch) -> (SqlInjectionMatchTuple -> FieldToMatch -> SqlInjectionMatchTuple) -> Lens SqlInjectionMatchTuple SqlInjectionMatchTuple FieldToMatch FieldToMatch forall s a b t. (s -> a) -> (s -> b -> t) -> Lens s t a b Lens.lens (\SqlInjectionMatchTuple' {FieldToMatch fieldToMatch :: FieldToMatch $sel:fieldToMatch:SqlInjectionMatchTuple' :: SqlInjectionMatchTuple -> FieldToMatch fieldToMatch} -> FieldToMatch fieldToMatch) (\s :: SqlInjectionMatchTuple s@SqlInjectionMatchTuple' {} FieldToMatch a -> SqlInjectionMatchTuple s {$sel:fieldToMatch:SqlInjectionMatchTuple' :: FieldToMatch fieldToMatch = FieldToMatch a} :: SqlInjectionMatchTuple) -- | Text transformations eliminate some of the unusual formatting that -- attackers use in web requests in an effort to bypass AWS WAF. If you -- specify a transformation, AWS WAF performs the transformation on -- @FieldToMatch@ before inspecting it for a match. -- -- You can only specify a single type of TextTransformation. -- -- __CMD_LINE__ -- -- When you\'re concerned that attackers are injecting an operating system -- command line command and using unusual formatting to disguise some or -- all of the command, use this option to perform the following -- transformations: -- -- - Delete the following characters: \\ \" \' ^ -- -- - Delete spaces before the following characters: \/ ( -- -- - Replace the following characters with a space: , ; -- -- - Replace multiple spaces with one space -- -- - Convert uppercase letters (A-Z) to lowercase (a-z) -- -- __COMPRESS_WHITE_SPACE__ -- -- Use this option to replace the following characters with a space -- character (decimal 32): -- -- - \\f, formfeed, decimal 12 -- -- - \\t, tab, decimal 9 -- -- - \\n, newline, decimal 10 -- -- - \\r, carriage return, decimal 13 -- -- - \\v, vertical tab, decimal 11 -- -- - non-breaking space, decimal 160 -- -- @COMPRESS_WHITE_SPACE@ also replaces multiple spaces with one space. -- -- __HTML_ENTITY_DECODE__ -- -- Use this option to replace HTML-encoded characters with unencoded -- characters. @HTML_ENTITY_DECODE@ performs the following operations: -- -- - Replaces @(ampersand)quot;@ with @\"@ -- -- - Replaces @(ampersand)nbsp;@ with a non-breaking space, decimal 160 -- -- - Replaces @(ampersand)lt;@ with a \"less than\" symbol -- -- - Replaces @(ampersand)gt;@ with @>@ -- -- - Replaces characters that are represented in hexadecimal format, -- @(ampersand)#xhhhh;@, with the corresponding characters -- -- - Replaces characters that are represented in decimal format, -- @(ampersand)#nnnn;@, with the corresponding characters -- -- __LOWERCASE__ -- -- Use this option to convert uppercase letters (A-Z) to lowercase (a-z). -- -- __URL_DECODE__ -- -- Use this option to decode a URL-encoded value. -- -- __NONE__ -- -- Specify @NONE@ if you don\'t want to perform any text transformations. sqlInjectionMatchTuple_textTransformation :: Lens.Lens' SqlInjectionMatchTuple TextTransformation sqlInjectionMatchTuple_textTransformation :: (TextTransformation -> f TextTransformation) -> SqlInjectionMatchTuple -> f SqlInjectionMatchTuple sqlInjectionMatchTuple_textTransformation = (SqlInjectionMatchTuple -> TextTransformation) -> (SqlInjectionMatchTuple -> TextTransformation -> SqlInjectionMatchTuple) -> Lens SqlInjectionMatchTuple SqlInjectionMatchTuple TextTransformation TextTransformation forall s a b t. (s -> a) -> (s -> b -> t) -> Lens s t a b Lens.lens (\SqlInjectionMatchTuple' {TextTransformation textTransformation :: TextTransformation $sel:textTransformation:SqlInjectionMatchTuple' :: SqlInjectionMatchTuple -> TextTransformation textTransformation} -> TextTransformation textTransformation) (\s :: SqlInjectionMatchTuple s@SqlInjectionMatchTuple' {} TextTransformation a -> SqlInjectionMatchTuple s {$sel:textTransformation:SqlInjectionMatchTuple' :: TextTransformation textTransformation = TextTransformation a} :: SqlInjectionMatchTuple) instance Core.FromJSON SqlInjectionMatchTuple where parseJSON :: Value -> Parser SqlInjectionMatchTuple parseJSON = String -> (Object -> Parser SqlInjectionMatchTuple) -> Value -> Parser SqlInjectionMatchTuple forall a. String -> (Object -> Parser a) -> Value -> Parser a Core.withObject String "SqlInjectionMatchTuple" ( \Object x -> FieldToMatch -> TextTransformation -> SqlInjectionMatchTuple SqlInjectionMatchTuple' (FieldToMatch -> TextTransformation -> SqlInjectionMatchTuple) -> Parser FieldToMatch -> Parser (TextTransformation -> SqlInjectionMatchTuple) forall (f :: * -> *) a b. Functor f => (a -> b) -> f a -> f b Prelude.<$> (Object x Object -> Text -> Parser FieldToMatch forall a. FromJSON a => Object -> Text -> Parser a Core..: Text "FieldToMatch") Parser (TextTransformation -> SqlInjectionMatchTuple) -> Parser TextTransformation -> Parser SqlInjectionMatchTuple forall (f :: * -> *) a b. Applicative f => f (a -> b) -> f a -> f b Prelude.<*> (Object x Object -> Text -> Parser TextTransformation forall a. FromJSON a => Object -> Text -> Parser a Core..: Text "TextTransformation") ) instance Prelude.Hashable SqlInjectionMatchTuple instance Prelude.NFData SqlInjectionMatchTuple instance Core.ToJSON SqlInjectionMatchTuple where toJSON :: SqlInjectionMatchTuple -> Value toJSON SqlInjectionMatchTuple' {FieldToMatch TextTransformation textTransformation :: TextTransformation fieldToMatch :: FieldToMatch $sel:textTransformation:SqlInjectionMatchTuple' :: SqlInjectionMatchTuple -> TextTransformation $sel:fieldToMatch:SqlInjectionMatchTuple' :: SqlInjectionMatchTuple -> FieldToMatch ..} = [Pair] -> Value Core.object ( [Maybe Pair] -> [Pair] forall a. [Maybe a] -> [a] Prelude.catMaybes [ Pair -> Maybe Pair forall a. a -> Maybe a Prelude.Just (Text "FieldToMatch" Text -> FieldToMatch -> Pair forall kv v. (KeyValue kv, ToJSON v) => Text -> v -> kv Core..= FieldToMatch fieldToMatch), Pair -> Maybe Pair forall a. a -> Maybe a Prelude.Just (Text "TextTransformation" Text -> TextTransformation -> Pair forall kv v. (KeyValue kv, ToJSON v) => Text -> v -> kv Core..= TextTransformation textTransformation) ] )