- Newest
- Most votes
- Most comments
In AWS WAF, when you are using regular expressions for matching URI paths, you must consider how regex is supported in that context. AWS WAF uses RE2-style regular expressions, which notably does not support all Perl-compatible regular expression (PCRE) features. One such unsupported feature is inline modifiers, like the case-insensitivity flag (?i) used in PCRE. Instead, you need to manually specify case insensitivity by including both uppercase and lowercase versions of each character.
Here is how you can modify your regular expression to match /URIPath in a case-insensitive manner:
\/[Uu][Rr][Ii][Pp][Aa][Tt][Hh]
This regex will match /URIPath, /uripath, /URIPATH, /uRiPaTh, etc., because it includes each possible upper and lower case variation of the letters in "URIPath".
Regarding your question about using "Contains" in AWS WAF rules:
- The "Contains" string match condition checks whether part of the web request, such as the URI or query string, contains the specified string. This type of matching is case sensitive. If you use "Contains" with "URIPath", it will not match "/uripath", "/URIPATH", etc.
So, if you need case-insensitive matching, you should use the modified regex above with the Regex match statement in AWS WAF. This will ensure that variations in case will still trigger a match without relying on the unsupported inline flag for case insensitivity.
Relevant content
- Accepted Answer
asked 6 months ago - asked 2 years ago
AWS OFFICIALUpdated 15 days ago- AWS OFFICIALUpdated 10 days ago
- AWS OFFICIALUpdated 6 months ago
- AWS OFFICIALUpdated 9 days ago
