Allow rules are a kind of white list filter. They define which requests are allowed.
There are two conditions that must be met by an HTTP request in order to be allowed for further processing:
- There must be at least one applicable allow rule.
- Each applicable allow rule must be satisfied by the HTTP request.
An allow rule is applicable if the path of a request URL matches the configured path pattern.
An allow rule is satisfied by an HTTP request if it is applicable and the HTTP request satisfies all criteria defined by the allow rule.
During processing of an HTTP request, allow rules are applied first. Deny rules are only applied if the allow rules allow the request.
Allow rule examples
Suppose you have a mapping with the following allow rule configuration.
Allow rules
The following allow rules are configured:
Example requests
The examples below show which requests will be allowed or blocked based on the allow rule configuration.
- More than one allow rule is applicable and all of them are satisfied by the HTTP request. Therefore, the request is allowed.
- More than one allow rule is applicable and all of them are satisfied by the HTTP request. Therefore, the request is allowed.
- More than one allow rule is applicable but not all of them are satisfied by the HTTP request. Therefore, the request is blocked.
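The allow rule Wiki_http_methods contains a path pattern with a negative lookahead. The regex excludes /dokuwiki/comment.php so that additional HTTP methods can be allowed for comment.php in another allow rule. Because every applicable allow rule must be satisfied, requests to comment.php would otherwise also have to satisfy Wiki_http_methods.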
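The evaluation logic described above, modelled as an added Python example (it is not Airlock code or Airlock configuration syntax). Only the rule name Wiki_http_methods and the path /dokuwiki/comment.php come from this page; the other rule names, the patterns, the method sets and the assumption that a path pattern is an explicitly anchored regex searched against the request path are constructed for illustration.

```python
import re
from dataclasses import dataclass


@dataclass(frozen=True)
class AllowRule:
    name: str
    path_pattern: str    # regex applied to the request path (assumed semantics)
    methods: frozenset   # the only criterion modelled here: allowed HTTP methods

    def applicable(self, path: str) -> bool:
        return re.search(self.path_pattern, path) is not None

    def satisfied(self, method: str) -> bool:
        return method in self.methods


# Constructed rule set. The negative lookahead keeps Wiki_http_methods from
# applying to comment.php, so the second rule alone decides that path.
RULES = [
    AllowRule("Wiki_http_methods", r"^/dokuwiki/(?!comment\.php$)",
              frozenset({"GET", "POST"})),
    AllowRule("Wiki_comment_methods", r"^/dokuwiki/comment\.php$",
              frozenset({"GET", "POST", "PUT", "DELETE"})),
    AllowRule("Wiki_media_read_only", r"^/dokuwiki/media/",
              frozenset({"GET"})),
]

# Same rules, but the first pattern has no lookahead (the misconfiguration).
RULES_NO_LOOKAHEAD = [
    AllowRule("Wiki_http_methods", r"^/dokuwiki/", frozenset({"GET", "POST"})),
] + RULES[1:]


def evaluate(rules, method: str, path: str):
    """Return (allowed, reason) using the two conditions for allow rules."""
    applicable = [r for r in rules if r.applicable(path)]
    if not applicable:                       # condition 1: at least one applies
        return False, "no applicable allow rule"
    failed = [r.name for r in applicable if not r.satisfied(method)]
    if failed:                               # condition 2: all must be satisfied
        return False, "not satisfied: " + ", ".join(failed)
    return True, "satisfied: " + ", ".join(r.name for r in applicable)


if __name__ == "__main__":
    for method, path in [("GET", "/dokuwiki/media/logo.png"),
                         ("POST", "/dokuwiki/media/logo.png"),
                         ("PUT", "/dokuwiki/comment.php"),
                         ("GET", "/admin")]:
        print(method, path, evaluate(RULES, method, path))
```

Running the same PUT request against RULES_NO_LOOKAHEAD shows why the exclusion is needed: both rules become applicable and the request is blocked by Wiki_http_methods.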
Filtering JSON attributes
Airlock Microgateway automatically generates parameters from JSON objects. These JSON parameters are treated like parameters in GET or POST requests. For details please refer to the JSON filtering page.