diff --git a/backend/sdk/src/main/resources/plugins/request-block/README.md b/backend/sdk/src/main/resources/plugins/request-block/README.md index 95c3cdec..cd350339 100644 --- a/backend/sdk/src/main/resources/plugins/request-block/README.md +++ b/backend/sdk/src/main/resources/plugins/request-block/README.md @@ -14,14 +14,16 @@ description: 请求屏蔽插件配置参考 ## 配置字段 -| 名称 | 数据类型 | 填写要求 | 默认值 | 描述 | -| -------- | -------- | -------- | -------- | -------- | -| block_urls | array of string | 选填,`block_urls`,`block_headers`,`block_bodies` 中至少必填一项 | - | 配置用于匹配需要屏蔽 URL 的字符串 | -| block_headers | array of string | 选填,`block_urls`,`block_headers`,`block_bodies` 中至少必填一项 | - | 配置用于匹配需要屏蔽请求 Header 的字符串 | -| block_bodies | array of string | 选填,`block_urls`,`block_headers`,`block_bodies` 中至少必填一项 | - | 配置用于匹配需要屏蔽请求 Body 的字符串 | -| blocked_code | number | 选填 | 403 | 配置请求被屏蔽时返回的 HTTP 状态码 | -| blocked_message | string | 选填 | - | 配置请求被屏蔽时返回的 HTTP 应答 Body | -| case_sensitive | bool | 选填 | true | 配置匹配时是否区分大小写,默认区分 | +| 名称 | 数据类型 | 填写要求 | 默认值 | 描述 | +| -------- | -------- | -------- | -------- | -------- | +| block_urls | array of string | 选填,`block_urls`,`block_exact_urls`,`block_regexp_urls`,`block_headers`,`block_bodies` 中至少必填一项 | - | 配置用于匹配需要屏蔽 URL 的字符串 | +| block_exact_urls | array of string | 选填,`block_urls`,`block_exact_urls`,`block_regexp_urls`,`block_headers`,`block_bodies` 中至少必填一项 | - | 配置用于匹配需要精确屏蔽 URL 的字符串 | +| block_regexp_urls | array of string | 选填,`block_urls`,`block_exact_urls`,`block_regexp_urls`,`block_headers`,`block_bodies` 中至少必填一项 | - | 配置用于匹配需要屏蔽 URL 的正则表达式 | +| block_headers | array of string | 选填,`block_urls`,`block_exact_urls`,`block_regexp_urls`,`block_headers`,`block_bodies` 中至少必填一项 | - | 配置用于匹配需要屏蔽请求 Header 的字符串 | +| block_bodies | array of string | 选填,`block_urls`,`block_exact_urls`,`block_regexp_urls`,`block_headers`,`block_bodies` 中至少必填一项 | - | 配置用于匹配需要屏蔽请求 Body 的字符串 | +| blocked_code | number | 选填 | 403 | 配置请求被屏蔽时返回的 HTTP 状态码 | +| blocked_message | string | 选填 | - | 配置请求被屏蔽时返回的 HTTP 应答 Body | +| case_sensitive | bool | 选填 | true | 配置匹配时是否区分大小写,默认区分 | ## 配置示例 @@ -40,6 +42,35 @@ curl http://example.com?foo=Bar curl http://exmaple.com/Swagger.html ``` + +### 屏蔽精确匹配的请求 url 路径 + +```yaml +block_exact_urls: +- /swagger.html?foo=bar +case_sensitive: false +``` + +根据该配置,下列请求将被禁止访问: + +```bash +curl http://exmaple.com/Swagger.html?foo=Bar +``` + +### 屏蔽正则匹配的请求 url 路径 + +```yaml +block_exact_urls: +- .*swagger.* +case_sensitive: false +``` + +根据该配置,下列请求将被禁止访问: + +```bash +curl http://exmaple.com/Swagger.html?foo=Bar +``` + ### 屏蔽请求 header ```yaml block_headers: diff --git a/backend/sdk/src/main/resources/plugins/request-block/README_EN.md b/backend/sdk/src/main/resources/plugins/request-block/README_EN.md index 97a0b46b..e22e524b 100644 --- a/backend/sdk/src/main/resources/plugins/request-block/README_EN.md +++ b/backend/sdk/src/main/resources/plugins/request-block/README_EN.md @@ -12,14 +12,16 @@ Plugin Execution Stage: `Authentication Stage` Plugin Execution Priority: `320` ## Configuration Fields -| Name | Data Type | Fill Requirement | Default Value | Description | -|--------------------|--------------------|---------------------------------------------------------|---------------|------------------------------------------------------------| -| block_urls | array of string | Optional, at least one of `block_urls`, `block_headers`, `block_bodies` must be filled | - | Configure strings for matching URLs that need to be blocked | -| block_headers | array of string | Optional, at least one of `block_urls`, `block_headers`, `block_bodies` must be filled | - | Configure strings for matching request headers that need to be blocked | -| block_bodies | array of string | Optional, at least one of `block_urls`, `block_headers`, `block_bodies` must be filled | - | Configure strings for matching request bodies that need to be blocked | -| blocked_code | number | Optional | 403 | Configure the HTTP status code returned when a request is blocked | -| blocked_message | string | Optional | - | Configure the HTTP response body returned when a request is blocked | -| case_sensitive | bool | Optional | true | Configure whether matching is case-sensitive, default is case-sensitive | +| Name | Data Type | Filling Requirement | Default Value | Description | +| ----------------- | --------------- | ------------------------------------------------------------------------------------------------------------------- | ------------- | ------------------------------------------------ | +| block_urls | array of string | Optional, at least one of `block_urls`, `block_exact_urls`, `block_regexp_urls`, `block_headers`, `block_bodies` must be filled | - | Configure strings for matching URLs to be blocked | +| block_exact_urls | array of string | Optional, at least one of `block_urls`, `block_exact_urls`, `block_regexp_urls`, `block_headers`, `block_bodies` must be filled | - | Configure strings for exactly matching URLs to be blocked | +| block_regexp_urls | array of string | Optional, at least one of `block_urls`, `block_exact_urls`, `block_regexp_urls`, `block_headers`, `block_bodies` must be filled | - | Configure regular expressions for matching URLs to be blocked | +| block_headers | array of string | Optional, at least one of `block_urls`, `block_exact_urls`, `block_regexp_urls`, `block_headers`, `block_bodies` must be filled | - | Configure strings for matching request headers to be blocked | +| block_bodies | array of string | Optional, at least one of `block_urls`, `block_exact_urls`, `block_regexp_urls`, `block_headers`, `block_bodies` must be filled | - | Configure strings for matching request bodies to be blocked | +| blocked_code | number | Optional | 403 | Configure the HTTP status code to return when a request is blocked | +| blocked_message | string | Optional | - | Configure the HTTP response body to return when a request is blocked | +| case_sensitive | bool | Optional | true | Configure whether case sensitivity is considered during matching, default is case-sensitive | ## Configuration Example ### Blocking Request URL Paths @@ -36,6 +38,34 @@ curl http://example.com?foo=Bar curl http://exmaple.com/Swagger.html ``` +### Block requests with exact URL path matches + +```yaml +block_exact_urls: +- /swagger.html?foo=bar +case_sensitive: false +``` + +Based on this configuration, the following request will be blocked: + +```bash +curl http://exmaple.com/Swagger.html?foo=Bar +``` + +### Block requests with URL path regex matches + +```yaml +block_exact_urls: +- .*swagger.* +case_sensitive: false +``` + +Based on this configuration, the following request will be blocked: + +```bash +curl http://exmaple.com/Swagger.html?foo=Bar +``` + ### Blocking Request Headers ```yaml block_headers: