diff --git a/src/content/docs/page-shield/policies/violations.mdx b/src/content/docs/page-shield/policies/violations.mdx
index f10bc4f55deb22..187388d160abf2 100644
--- a/src/content/docs/page-shield/policies/violations.mdx
+++ b/src/content/docs/page-shield/policies/violations.mdx
@@ -5,17 +5,15 @@ sidebar:
order: 4
head: []
description: Page Shield reports any violations to your custom Page Shield policies.
-
---
-import { Details, GlossaryTooltip } from "~/components"
+import { Details, GlossaryTooltip } from "~/components";
:::note
-
Only available to Enterprise customers with a paid add-on.
:::
-Shortly after you configure Page Shield policies, the Cloudflare dashboard will start displaying any violations of those policies. This information will be available for policies with any [action](/page-shield/policies/#policy-actions) (*Allow* and *Log*).
+Shortly after you configure Page Shield policies, the Cloudflare dashboard will start displaying any violations of those policies. This information will be available for policies with any [action](/page-shield/policies/#policy-actions) (_Allow_ and _Log_).
Information about policy violations is also available via [GraphQL API](/analytics/graphql-api/) and [Logpush](/logs/about/).
@@ -23,14 +21,14 @@ Information about policy violations is also available via [GraphQL API](/analyti
The policy violation information is available in **Security** > **Page Shield** > **Policies**. It includes the following:
-* A sparkline next to the policy name, showing policy violations in the past seven days.
-* For policies with associated violations, an expandable details section for each policy, with the top resources present in policy violation events and a sparkline per top resource.
+- A sparkline next to the policy name, showing policy violations in the past seven days.
+- For policies with associated violations, an expandable details section for each policy, with the top resources present in policy violation events and a sparkline per top resource.
## Get policy violations via GraphQL API
Use the [Cloudflare GraphQL API](/analytics/graphql-api/) to obtain policy violation information through the following dataset:
-* `pageShieldReportsAdaptiveGroups`
+- `pageShieldReportsAdaptiveGroups`
You can query the dataset for policy violations occurred in the past 30 days.
@@ -41,36 +39,43 @@ For an introduction to GraphQL querying, refer to [Querying basics](/analytics/g
### Example
```graphql title="Example GraphQL query"
-query PageShieldReports($zoneTag: string, $datetimeStart: string, $datetimeEnd: string) {
- viewer {
- zones(filter: {zoneTag: $zoneTag}) {
- pageShieldReportsAdaptiveGroups(limit: 100, orderBy: [datetime_ASC], filter: {datetime_geq:$datetimeStart, datetime_leq:$datetimeEnd}) {
- avg {
- sampleInterval
- }
- count
- dimensions {
- policyID
- datetime
- datetimeMinute
- datetimeFiveMinutes
- datetimeFifteenMinutes
- datetimeHalfOfHour
- datetimeHour
- url
- urlHost
- host
- resourceType
- pageURL
- action
- }
- }
- }
- }
+query PageShieldReports(
+ $zoneTag: string
+ $datetimeStart: string
+ $datetimeEnd: string
+) {
+ viewer {
+ zones(filter: { zoneTag: $zoneTag }) {
+ pageShieldReportsAdaptiveGroups(
+ limit: 100
+ orderBy: [datetime_ASC]
+ filter: { datetime_geq: $datetimeStart, datetime_leq: $datetimeEnd }
+ ) {
+ avg {
+ sampleInterval
+ }
+ count
+ dimensions {
+ policyID
+ datetime
+ datetimeMinute
+ datetimeFiveMinutes
+ datetimeFifteenMinutes
+ datetimeHalfOfHour
+ datetimeHour
+ url
+ urlHost
+ host
+ resourceType
+ pageURL
+ action
+ }
+ }
+ }
+ }
}
```
-
```bash
@@ -109,12 +114,11 @@ echo '{ "query":
}
}' | tr -d '\n' | curl --silent \
https://api.cloudflare.com/client/v4/graphql \
---header "Authorization: Bearer " \
+--header "Authorization: Bearer $CLOUDFLARE_API_TOKEN" \
--header "Content-Type: application/json" \
--data @-
```
-
## Get policy violations via Logpush
diff --git a/src/content/docs/page-shield/reference/page-shield-api.mdx b/src/content/docs/page-shield/reference/page-shield-api.mdx
index b9c0f07d59c691..d3f31360a6f4f5 100644
--- a/src/content/docs/page-shield/reference/page-shield-api.mdx
+++ b/src/content/docs/page-shield/reference/page-shield-api.mdx
@@ -5,7 +5,7 @@ sidebar:
order: 12
---
-import { GlossaryTooltip } from "~/components";
+import { GlossaryTooltip, APIRequest } from "~/components";
You can enable and disable Page Shield, configure its settings, and fetch information about detected scripts and connections using the [Page Shield API](/api/resources/page_shield/methods/get/).
@@ -71,10 +71,7 @@ The malicious script classification (`Malicious` or `Not malicious`) is not dire
This example obtains the current settings of Page Shield, including the status (enabled/disabled).
-```bash
-curl "https://api.cloudflare.com/client/v4/zones/{zone_id}/page_shield" \
---header "Authorization: Bearer "
-```
+
```json output
{
@@ -94,13 +91,11 @@ curl "https://api.cloudflare.com/client/v4/zones/{zone_id}/page_shield" \
This example enables Page Shield in the specified zone.
-```bash
-curl --request PUT \
-"https://api.cloudflare.com/client/v4/zones/{zone_id}/page_shield" \
---header "Authorization: Bearer " \
---header "Content-Type: application/json" \
---data '{ "enabled": true }'
-```
+
```json output
{
@@ -120,10 +115,15 @@ This `GET` request fetches a list of scripts detected by Page Shield on hostname
By default, the response will only include scripts with `active` status when you do not specify a `status` filter parameter in the URL query string.
-```bash
-curl "https://api.cloudflare.com/api/v4/zones/{zone_id}/page_shield/scripts?hosts=example.net&page=1&per_page=15" \
---header "Authorization: Bearer "
-```
+
```json output
{
@@ -173,10 +173,16 @@ For details on the available filtering, paging, and sorting parameters, refer to
This `GET` request fetches a list of infrequently reported scripts on hostname `example.net`, requesting the first page with 15 items per page. The URL query string includes filtering and paging parameters.
-```bash
-curl "https://api.cloudflare.com/api/v4/zones/{zone_id}/page_shield/scripts?status=infrequent&hosts=example.net&page=1&per_page=15" \
---header "Authorization: Bearer "
-```
+
```json output
{
@@ -225,10 +231,13 @@ For details on the available filtering, paging, and sorting parameters, refer to
This `GET` request obtains the details of a script detected by Page Shield with script ID `8337233faec2357ff84465a919534e4d`.
-```bash
-curl "https://api.cloudflare.com/api/v4/zones/{zone_id}/page_shield/scripts/8337233faec2357ff84465a919534e4d" \
---header "Authorization: Bearer "
-```
+
```json output
{
@@ -285,10 +294,14 @@ This `GET` request fetches a list of connections detected by Page Shield, reques
By default, the response will only include connections with `active` status when you do not specify a `status` filter parameter in the URL query string.
-```bash
-curl "https://api.cloudflare.com/api/v4/zones/{zone_id}/page_shield/connections?page=1&per_page=15" \
---header "Authorization: Bearer "
-```
+
```json output
{
@@ -329,10 +342,13 @@ For details on the available filtering, paging, and sorting parameters, refer to
This `GET` request obtains the details of a connection detected by Page Shield with connection ID `0a7bb628776f4e50a50d8594c4a01740`.
-```bash
-curl "https://api.cloudflare.com/api/v4/zones/{zone_id}/page_shield/connections/0a7bb628776f4e50a50d8594c4a01740" \
---header "Authorization: Bearer "
-```
+
```json output
{
@@ -363,10 +379,14 @@ This `GET` request fetches a list of cookies detected by Page Shield, requesting
By default, the response will only include cookies with `active` status when you do not specify a `status` filter parameter in the URL query string.
-```bash
-curl "https://api.cloudflare.com/api/v4/zones/{zone_id}/page_shield/cookies?page=1&per_page=15" \
---header "Authorization: Bearer "
-```
+
```json output
{
@@ -409,10 +429,13 @@ For details on the available filtering, paging, and sorting parameters, refer to
This `GET` request obtains the details of a cookie detected by Page Shield with ID `beee03ada7e047e79f076785d8cd8b8e`.
-```bash
-curl "https://api.cloudflare.com/api/v4/zones/{zone_id}/page_shield/cookies/beee03ada7e047e79f076785d8cd8b8e" \
---header "Authorization: Bearer "
-```
+
```json output
{
@@ -453,22 +476,21 @@ All other scripts would trigger a policy violation, but those scripts would not
For more information on Content Security Policy (CSP) directives and values, refer to the [MDN documentation](https://developer.mozilla.org/en-US/docs/Web/HTTP/Reference/Headers/Content-Security-Policy).
:::note
-
For a list of CSP directives and keywords supported by Page Shield policies, refer to [CSP directives supported by policies](/page-shield/policies/csp-directives/).
:::
-```bash
-curl "https://api.cloudflare.com/api/v4/zones/{zone_id}/page_shield/policies" \
---header "Authorization: Bearer " \
---header "Content-Type: application/json" \
---data '{
- "description": "My first policy in log mode",
- "action": "log",
- "expression": "http.host eq myapp.example.com",
- "enabled": "true",
- "value": "script-src myapp.example.com cdnjs.cloudflare.com https://www.google-analytics.com/analytics.js '\''self'\''"
-}'
-```
+
```json output
{