Class SqliMatchStatement

java.lang.Object
software.amazon.awssdk.services.wafv2.model.SqliMatchStatement
All Implemented Interfaces:
Serializable, SdkPojo, ToCopyableBuilder<SqliMatchStatement.Builder,SqliMatchStatement>
@Generated("software.amazon.awssdk:codegen") public final class SqliMatchStatement extends Object implements SdkPojo, Serializable, ToCopyableBuilder<SqliMatchStatement.Builder,SqliMatchStatement>

A rule statement that inspects for malicious SQL code. Attackers insert malicious SQL code into web requests to do things like modify your database or extract data from it.

See Also:

  • Method Details

    • fieldToMatch

      public final FieldToMatch fieldToMatch()

      The part of the web request that you want WAF to inspect.

      Returns:
      The part of the web request that you want WAF to inspect.

    • hasTextTransformations

      public final boolean hasTextTransformations()
      For responses, this returns true if the service returned a value for the TextTransformations property. This DOES NOT check that the value is non-empty (for which, you should check the isEmpty() method on the property). This is useful because the SDK will never return a null collection or map, but you may need to differentiate between the service returning nothing (or null) and the service returning an empty collection or map. For requests, this returns true if a value for the property was specified in the request builder, and false if a value was not specified.

    • textTransformations

      public final List<TextTransformation> textTransformations()

      Text transformations eliminate some of the unusual formatting that attackers use in web requests in an effort to bypass detection. Text transformations are used in rule match statements, to transform the FieldToMatch request component before inspecting it, and they're used in rate-based rule statements, to transform request components before using them as custom aggregation keys. If you specify one or more transformations to apply, WAF performs all transformations on the specified content, starting from the lowest priority setting, and then uses the transformed component contents.

      Attempts to modify the collection returned by this method will result in an UnsupportedOperationException.

      This method will never return null. If you would like to know whether the service returned this field (so that you can differentiate between null and empty), you can use the hasTextTransformations() method.

      Returns:
      Text transformations eliminate some of the unusual formatting that attackers use in web requests in an effort to bypass detection. Text transformations are used in rule match statements, to transform the FieldToMatch request component before inspecting it, and they're used in rate-based rule statements, to transform request components before using them as custom aggregation keys. If you specify one or more transformations to apply, WAF performs all transformations on the specified content, starting from the lowest priority setting, and then uses the transformed component contents.

    • sensitivityLevel

      public final SensitivityLevel sensitivityLevel()

      The sensitivity that you want WAF to use to inspect for SQL injection attacks.

      HIGH detects more attacks, but might generate more false positives, especially if your web requests frequently contain unusual strings. For information about identifying and mitigating false positives, see Testing and tuning in the WAF Developer Guide.

      LOW is generally a better choice for resources that already have other protections against SQL injection attacks or that have a low tolerance for false positives.

      Default: LOW

      If the service returns an enum value that is not available in the current SDK version, sensitivityLevel will return SensitivityLevel.UNKNOWN_TO_SDK_VERSION. The raw value returned by the service is available from sensitivityLevelAsString().

      Returns:
      The sensitivity that you want WAF to use to inspect for SQL injection attacks.

      HIGH detects more attacks, but might generate more false positives, especially if your web requests frequently contain unusual strings. For information about identifying and mitigating false positives, see Testing and tuning in the WAF Developer Guide.

      LOW is generally a better choice for resources that already have other protections against SQL injection attacks or that have a low tolerance for false positives.

      Default: LOW

      See Also:

    • sensitivityLevelAsString

      public final String sensitivityLevelAsString()

      The sensitivity that you want WAF to use to inspect for SQL injection attacks.

      HIGH detects more attacks, but might generate more false positives, especially if your web requests frequently contain unusual strings. For information about identifying and mitigating false positives, see Testing and tuning in the WAF Developer Guide.

      LOW is generally a better choice for resources that already have other protections against SQL injection attacks or that have a low tolerance for false positives.

      Default: LOW

      If the service returns an enum value that is not available in the current SDK version, sensitivityLevel will return SensitivityLevel.UNKNOWN_TO_SDK_VERSION. The raw value returned by the service is available from sensitivityLevelAsString().

      Returns:
      The sensitivity that you want WAF to use to inspect for SQL injection attacks.

      HIGH detects more attacks, but might generate more false positives, especially if your web requests frequently contain unusual strings. For information about identifying and mitigating false positives, see Testing and tuning in the WAF Developer Guide.

      LOW is generally a better choice for resources that already have other protections against SQL injection attacks or that have a low tolerance for false positives.

      Default: LOW

      See Also:

    • toBuilder

      public SqliMatchStatement.Builder toBuilder()
      Description copied from interface: ToCopyableBuilder
      Take this object and create a builder that contains all of the current property values of this object.
      Specified by:
      toBuilder in interface ToCopyableBuilder<SqliMatchStatement.Builder,SqliMatchStatement>
      Returns:
      a builder for type T

    • builder

      public static SqliMatchStatement.Builder builder()

    • serializableBuilderClass

      public static Class<? extends SqliMatchStatement.Builder> serializableBuilderClass()

    • hashCode

      public final int hashCode()
      Overrides:
      hashCode in class Object

    • equals

      public final boolean equals(Object obj)
      Overrides:
      equals in class Object

    • equalsBySdkFields

      public final boolean equalsBySdkFields(Object obj)
      Description copied from interface: SdkPojo
      Indicates whether some other object is "equal to" this one by SDK fields. An SDK field is a modeled, non-inherited field in an SdkPojo class, and is generated based on a service model.

      If an SdkPojo class does not have any inherited fields, equalsBySdkFields and equals are essentially the same.

      Specified by:
      equalsBySdkFields in interface SdkPojo
      Parameters:
      obj - the object to be compared with
      Returns:
      true if the other object equals to this object by sdk fields, false otherwise.

    • toString

      public final String toString()
      Returns a string representation of this object. This is useful for testing and debugging. Sensitive data will be redacted from this string using a placeholder value.
      Overrides:
      toString in class Object

    • getValueForField

      public final <T> Optional<T> getValueForField(String fieldName, Class<T> clazz)

    • sdkFields

      public final List<SdkField<?>> sdkFields()
      Specified by:
      sdkFields in interface SdkPojo
      Returns:
      List of SdkField in this POJO. May be empty list but should never be null.

    • sdkFieldNameToField

      public final Map<String,SdkField<?>> sdkFieldNameToField()
      Specified by:
      sdkFieldNameToField in interface SdkPojo
      Returns:
      The mapping between the field name and its corresponding field.