Skip to content

swagger change for application gateway waf global config and exclusio… #3962

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Closed
azhao155 wants to merge 2 commits into from
Closed

swagger change for application gateway waf global config and exclusio… #3962

Changes from all commits
Commits
Show all changes
2 commits
Select commit Hold shift + click to select a range
fc34022
swagger change for application gateway waf global config and exclusio…
Sep 20, 2018
d8975ae
address the comments
Sep 20, 2018
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
47 changes: 47 additions & 0 deletions ...tion/network/resource-manager/Microsoft.Network/stable/2018-08-01/applicationGateway.json
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -1827,6 +1827,31 @@
"minimum": 8,
"exclusiveMinimum": false,
"description": "Maxium request body size for WAF."
},
"maxRequestBodySizeInKb": {
"type": "integer",
"format": "int32",
"maximum": 128,
"exclusiveMaximum": false,
"minimum": 8,
Copy link

@asridharan asridharan Sep 20, 2018

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Isn't minimum value of the maxRequeustBodySizeInKb supposed to 1KB?

Copy link
Contributor Author

@azhao155 azhao155 Sep 20, 2018

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

it should be 8kb

"exclusiveMinimum": false,
"description": "Maxium request body size in Kb for WAF."
},
"fileUploadLimitInMb": {
"type": "integer",
"format": "int32",
"maximum": 500,
Copy link

@asridharan asridharan Sep 20, 2018

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

For the fileUploadLimitInMb there seem to be two different values:
MaxFileUploadSizeInMbForMediumGw and MaxFileUploadSizeInMbForLargeGw, shouldn't we have these as different limits in the swagger as well?

"exclusiveMaximum": false,
"minimum": 0,
"exclusiveMinimum": false,
"description": "Maxium file upload size in Mb for WAF."
},
"exclusions": {
"type": "array",
"items": {
"$ref": "#/definitions/ApplicationGatewayFirewallExclusion"
},
"description": "The exclusion list."
}
},
"required": [
Expand Down Expand Up @@ -1895,6 +1920,28 @@
],
"description": "Allows to disable rules within a rule group or an entire rule group."
},
"ApplicationGatewayFirewallExclusion": {
"properties": {
Copy link

@allanbomsft allanbomsft Sep 21, 2018

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

when i tested i noticed it was like this
"exclusions": [
{
"matchVariable": "RequestCookieNames",
"selectorMatchOperator": "Contains",
"selector": "hello"
}
]
There was no "properties" : {}. So is this correct?

"matchVariable": {
"type": "string",
"description": "The variable to be excluded."
},
"selectorMatchOperator": {
"type": "string",
Copy link

@allanbomsft allanbomsft Sep 20, 2018

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

How far down in the stack are these strings vs. enums? If they were enums here, I think the auto generated API's will have built in validation and auto-completion, so we should consider the tradeoffs of enums vs strings here.

Copy link
Contributor Author

@azhao155 azhao155 Sep 20, 2018

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

we have string defination on the nrp and also have validation there, so don't want to make the transfer in the nrp code. It will be too long for us.

"description": "When matchVariable is a collection, operate on the selector to specify which elements in the collection this exclusion applies to."
},
"selector": {
"type": "string",
"description": "When matchVariable is a collection, operator used to specify which elements in the collection this exclusion applies to."
}
},
"required": [
"matchVariable",
"selectorMatchOperator",
"selector"
],
"description": "Allow to exclude some variable satisfy the condition for the WAF check"
},
"ApplicationGatewayAvailableWafRuleSetsResult": {
"properties": {
"value": {
Expand Down