Appendix 1: RE2 Regex

JANUSEC Application Gateway uses Google RE2 Regular Expression

Regex Rule Example 1

Checkpoint: URLPath
Description: checkpoint URLPath represents the path after the domain name in the URL address, for example ,URLPath is /blog/show.php

RE2 Rule:


Description: (?i) represents case insensitive,/ represents itself, \\. matches the decimal point,(git|svn) matches git or svn, used to block access to the wrongly released source code.

Regex Rule Example 2

Checkpoint: URLQuery
Description: checkpoint URLQuery represents the parameters in URL (example:`id=1&category=2` , URLQuery is id=1&category=2 )

RE2 Rule:


Description: % matches itself, \s+ matches one or more spaces, (and|or) matches various case combinations such as aNd, AnD, oR etc., used to prevent SQL Injection.

Regex Rule Example 3

Checkpoint: GetPostValue
Description: GetPostValue represents parameter values in GET and POST methods (example: ,GetPostValue is [1, 2] ).

RE2 Rule:


Description: [\w\p{L}] matches any letter, number, underscore or Unicode character (such as Chinese characters), = matches itself, $ matches the end, used to prevent SQL Injection.
\x{FFFF} matches UNICODE, example [\x{007F}-\x{FFFF}]+ matches unicode words.

©JANUSEC All Rights Reserved.      Contact:    QQ Group: 776900157