Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Added new parameter to waf_entity_url resource #969

Merged
merged 3 commits into from
May 8, 2024
Merged
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
47 changes: 47 additions & 0 deletions bigip/datasource_bigip_waf_entity_url.go
Original file line number Diff line number Diff line change
Expand Up @@ -77,6 +77,35 @@ func dataSourceBigipWafEntityUrl() *schema.Resource {
},
},
},
"cross_origin_requests_enforcement": {
Type: schema.TypeList,
Optional: true,
Elem: &schema.Resource{
Schema: map[string]*schema.Schema{
"include_subdomains": {
Type: schema.TypeBool,
Optional: true,
Default: false,
Description: "Specifies whether the subdomains are allowed to receive data from the web application.",
},
"origin_name": {
Type: schema.TypeString,
Required: true,
Description: "Specifies the name of the origin with which you want to share your data.",
},
"origin_port": {
Type: schema.TypeString,
Required: true,
Description: "Specifies the port that other web applications are allowed to use to request data from your web application.",
},
"origin_protocol": {
Type: schema.TypeString,
Required: true,
Description: "Specifies the protocol that other web applications are allowed to use to request data from your web application.",
},
},
},
},
"signature_overrides_disable": {
Type: schema.TypeList,
Optional: true,
Expand Down Expand Up @@ -131,6 +160,24 @@ func dataSourceBigipWafEntityUrlRead(ctx context.Context, d *schema.ResourceData
urlJson.MethodsOverrideOnUrlCheck = true
}

allowedOriginsCount := d.Get("cross_origin_requests_enforcement.#").(int)
if allowedOriginsCount > 0 {
urlJson.HTML5CrossOriginRequestsEnforcement.EnforcementMode = "enforce"

allowedOrigins := make([]bigip.WafUrlAllowedOrigins, 0, allowedOriginsCount)
for i := 0; i < allowedOriginsCount; i++ {
var a bigip.WafUrlAllowedOrigins
prefix := fmt.Sprintf("cross_origin_requests_enforcement.%d", i)
a.IncludeSubdomains = d.Get(prefix + ".include_subdomains").(bool)
a.OriginName = d.Get(prefix + ".origin_name").(string)
a.OriginPort = d.Get(prefix + ".origin_port").(string)
a.OriginProtocol = d.Get(prefix + ".origin_protocol").(string)
allowedOrigins = append(allowedOrigins, a)
}

urlJson.HTML5CrossOriginRequestsEnforcement.AllowerOrigins = allowedOrigins
}

jsonString, err := json.Marshal(urlJson)
if err != nil {
return diag.FromErr(err)
Expand Down
18 changes: 18 additions & 0 deletions docs/data-sources/bigip_waf_entity_url.md
Original file line number Diff line number Diff line change
Expand Up @@ -30,6 +30,18 @@ data "bigip_waf_entity_url" "WAFURL1" {
allow = true
method = "BDELETE"
}
cross_origin_requests_enforcement {
include_subdomains = true
origin_name = "app1.com"
origin_port = "80"
origin_protocol = "http"
}
cross_origin_requests_enforcement {
include_subdomains = true
origin_name = "app2.com"
origin_port = "443"
origin_protocol = "http"
}
}

```
Expand All @@ -46,6 +58,12 @@ data "bigip_waf_entity_url" "WAFURL1" {
* `method_overrides` - (Optional) A list of methods that are allowed or disallowed for a specific URL.
* `allow` - (Required) Specifies that the system allows or disallows a method for this URL
* `method` - (Required) Specifies an HTTP method.
* `cross_origin_requests_enforcement` - (Optional) A list of options that enables your web-application to share data with a website hosted on a
different domain.
* `include_subdomains` - (Required) Determines whether the subdomains are allowed to receive data from the web application.
* `origin_name` - (Required) Specifies the name of the origin with which you want to share your data.
* `origin_port` - (Required) Specifies the port that other web applications are allowed to use to request data from your web application.
* `origin_protocol` - (Required) Specifies the protocol that other web applications are allowed to use to request data from your web application.


## Attributes Reference
Expand Down
14 changes: 11 additions & 3 deletions vendor/github.com/f5devcentral/go-bigip/awaf.go

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

8 changes: 8 additions & 0 deletions vendor/github.com/f5devcentral/go-bigip/bigiq.go

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

Loading