uri-blocker
#
Summary#
NameThe plugin helps we intercept user requests, we only need to indicate the block_rules
.
#
AttributesName | Type | Requirement | Default | Valid | Description |
---|---|---|---|---|---|
block_rules | array[string] | required | Regular filter rule array. Each of these items is a regular rule. If the current request URI hits any one of them, set the response code to rejected_code to exit the current user request. Example: ["root.exe", "root.m+"] . | ||
rejected_code | integer | optional | 403 | [200, ...] | The HTTP status code returned when the request URI hit any of block_rules |
#
How To EnableHere's an example, enable the uri blocker
plugin on the specified route:
curl -i http://127.0.0.1:9080/apisix/admin/routes/1 -H 'X-API-KEY: edd1c9f034335f136f87ad84b625c8f1' -X PUT -d '{ "uri": "/*", "plugins": { "uri-blocker": { "block_rules": ["root.exe", "root.m+"] } }, "upstream": { "type": "roundrobin", "nodes": { "127.0.0.1:1980": 1 } }}'
#
Test Plugin$ curl -i http://127.0.0.1:9080/root.exe?a=aHTTP/1.1 403 ForbiddenDate: Wed, 17 Jun 2020 13:55:41 GMTContent-Type: text/html; charset=utf-8Content-Length: 150Connection: keep-aliveServer: APISIX web server
... ...
#
Disable PluginWhen you want to disable the uri blocker
plugin, it is very simple, you can delete the corresponding json configuration in the plugin configuration, no need to restart the service, it will take effect immediately:
curl http://127.0.0.1:9080/apisix/admin/routes/1 -H 'X-API-KEY: edd1c9f034335f136f87ad84b625c8f1' -X PUT -d '{ "uri": "/*", "upstream": { "type": "roundrobin", "nodes": { "127.0.0.1:1980": 1 } }}'
The uri blocker
plugin has been disabled now. It works for other plugins.