Chapter 3: Condition Reference
include a filename extension, such as http://example.com/ and http://example.com/test. To test multiple extensions, use parentheses and a comma separator (see the Example section below).
•regular_expression—A Perl regular expression. The expression must be quoted if it contains
whitespace or any of the following: & ( ) < > { } ; ! . = " '. For more information, refer
to Appendix E: “Using Regular Expressions,” in the Blue Coat ProxySG Configuration and Management Guide.
Objects with paths relative to the prefix_pattern and domain_suffix_pattern are also considered a match (see the “Example” section).
The following are test modifiers:
•.case_sensitive—By default, all matching is case-insensitive; however, the matches on the path and query portions can be made case-sensitive by using the form url.case_sensitive=.
•.domain—Changes the way the match is performed on the host portion of the URL. The host pattern is a domain_suffix pattern which either matches the hostname exactly, or matches a suffix of the hostname on component boundaries. The host is converted to a domain name by reverse DNS lookup if necessary. For example, the condition url.domain=//example.com matches the request URL http://www.example.com/, but does not match the request URL http://www.myexample.com/.
•.exact—Forces an exact string comparison on the full URL or component.
•.no_lookup—Depending on the form of the request’s host and the form of the pattern being matched, a DNS or reverse DNS lookup is performed to convert the request’s host before the comparison is made. This lookup can be suppressed by using the .no_lookup= form of the condition. The .no_lookup modifier speeds up policy evaluation, but use of it may introduce loopholes into your security policy that can be exploited by those who want to bypass your security measures. DNS and reverse DNS lookups can be globally restricted by restrict definitions.
•.prefix—Test if the string pattern is a prefix of the URL or component.
•.regex—Test the URL or component against a regular_expression pattern.
When applied to the url= condition, the URL is treated as a literal string for the purposes of the test.
When applied to the url.host= condition, if the URL host was specified as an IP address, the behavior depends on whether or not the no_lookup modifier was specified. If no_lookup was specified, then the condition is false. If no_lookup was not specified, then a reverse DNS lookup is performed to convert the IP address to a domain name. If the reverse DNS lookup fails, then the condition is false. This leads to the following edge conditions: url.host.regex=!”” has the same truth value as url.host.no_name=yes, and url.host.regex.no_lookup=!”” has the same truth value as url.host.is_numeric=yes.
When applied to the url.host= condition, this pattern match is always case-insensitive.
•.substring—Test if the string pattern is a substring of the URL or component. The substring need not match on a boundary (such as a subdomain or path directory) within a component.
