Blue Coat Systems Proxy SG

Chapter 3: Condition Reference

139

include a filename extension, such as http://example.com/ and http://example.com/test. To

test multiple extensions, use parentheses and a comma separator (see the Example section below).

•regular_expression—A Perl regular expression. The expression must be quoted if it contains

whitespace or any of the following: & | ( ) < > { } ; ! . = " '. For more information, refer

to Appendix E: “Using Regular Expressions,” in the Blue Coat ProxySG Configuration and

Management Guide.

Objects with paths relative to the prefix_pattern and domain_suffix_pattern are also considered

a match (see the “Example” section).

The following are test modifiers:

•.case_sensitive—By default, all matching is case-insensitive; however, the matches on the path

and query portions can be made case-sensitive by using the form url.case_sensitive=.

•.domain—Changes the way the match is performed on the host portion of the URL. The host

pattern is a domain_suffix pattern which either matches the hostname exactly, or matches a

suffix of the hostname on component boundaries. The host is converted to a domain name by

reverse DNS lookup if necessary. For example, the condition url.domain=//example.com

matches the request URL http://www.example.com/, but does not match the request URL

http://www.myexample.com/.

•.exact—Forces an exact string comparison on the full URL or component.

•.no_lookup—Depending on the form of the request’s host and the form of the pattern being

matched, a DNS or reverse DNS lookup is performed to convert the request’s host before the

comparison is made. This lookup can be suppressed by using the .no_lookup= form of the

condition. The .no_lookup modifier speeds up policy evaluation, but use of it may introduce

loopholes into your security policy that can be exploited by those who want to bypass your

security measures. DNS and reverse DNS lookups can be globally restricted by restrict

definitions.

•.prefix—Test if the string pattern is a prefix of the URL or component.

•.regex—Test the URL or component against a regular_expression pattern.

When applied to the url= condition, the URL is treated as a literal string for the purposes of the

test.

When applied to the url.host= condition, if the URL host was specified as an IP address, the

behavior depends on whether or not the no_lookup modifier was specified. If no_lookup was

specified, then the condition is false. If no_lookup was not specified, then a reverse DNS lookup is

performed to convert the IP address to a domain name. If the reverse DNS lookup fails, then the

condition is false. This leads to the following edge conditions: url.host.regex=!”” has the same

truth value as url.host.no_name=yes, and url.host.regex.no_lookup=!”” has the same

truth value as url.host.is_numeric=yes.

When applied to the url.host= condition, this pattern match is always case-insensitive.

•.substring—Test if the string pattern is a substring of the URL or component. The substring

need not match on a boundary (such as a subdomain or path directory) within a component.