Skip to content

[WAF] Filter/hide API permissions #23559

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 1 commit into from
Jul 10, 2025
Merged

[WAF] Filter/hide API permissions #23559

merged 1 commit into from
Jul 10, 2025

Conversation

@pedrosousa
Copy link
Contributor

@pedrosousa pedrosousa commented Jul 10, 2025
edited
Loading

Summary

Hide API permissions that may cause confusion (for Rulesets API endpoints).
Account-level ones are OK.

Also adds a few missing implementations of the APIRequest component.

@pedrosousa pedrosousa requested review from a team as code owners July 10, 2025 13:53
@hyperlint-ai
Copy link
Contributor

hyperlint-ai bot commented Jul 10, 2025

Howdy and thanks for contributing to our repo. The Cloudflare team reviews new, external PRs within two (2) weeks. If it's been two weeks or longer without any movement, please tag the PR Assignees in a comment.

We review internal PRs within 1 week. If it's something urgent or has been sitting without a comment, start a thread in the Developer Docs space internally.

PR Change Summary

Updated API documentation to filter and hide potentially confusing API permissions, while ensuring account-level permissions remain visible. Additionally, implemented missing features in the APIRequest component.

  • Filtered out confusing API permissions from the documentation
  • Ensured account-level permissions are still visible
  • Added missing implementations for the APIRequest component

Modified Files

  • src/content/docs/waf/account/custom-rulesets/create-api.mdx
  • src/content/docs/waf/account/managed-rulesets/index.mdx
  • src/content/docs/waf/account/rate-limiting-rulesets/create-api.mdx
  • src/content/docs/waf/custom-rules/create-api.mdx
  • src/content/docs/waf/custom-rules/skip/api-examples.mdx
  • src/content/docs/waf/managed-rules/check-for-exposed-credentials/configure-api.mdx
  • src/content/docs/waf/managed-rules/payload-logging/configure-api.mdx
  • src/content/docs/waf/managed-rules/reference/exposed-credentials-check.mdx
  • src/content/docs/waf/managed-rules/reference/owasp-core-ruleset/configure-api.mdx
  • src/content/docs/waf/managed-rules/reference/sensitive-data-detection.mdx
  • src/content/docs/waf/managed-rules/waf-exceptions/define-api.mdx
  • src/content/docs/waf/rate-limiting-rules/create-api.mdx
How can I customize these reviews?

Check out the Hyperlint AI Reviewer docs for more information on how to customize the review.

If you just want to ignore it on this PR, you can add the hyperlint-ignore label to the PR. Future changes won't trigger a Hyperlint review.

Note specifically for link checks, we only check the first 30 links in a file and we cache the results for several hours (for instance, if you just added a page, you might experience this). Our recommendation is to add hyperlint-ignore to the PR to ignore the link check for this PR.

@github-actions
Copy link
Contributor

github-actions bot commented Jul 10, 2025

This pull request requires reviews from CODEOWNERS as it changes files that match the following patterns:

Pattern Owners
/src/content/docs/waf/ @pedrosousa, @cloudflare/firewall, @cloudflare/pcx-technical-writing
* @cloudflare/pcx-technical-writing

@github-actions
Copy link
Contributor

github-actions bot commented Jul 10, 2025

Preview URL: https://2cae404b.preview.developers.cloudflare.com
Preview Branch URL: https://pedro-2025-07-10-waf-upd-api-perms.preview.developers.cloudflare.com

Files with changes (up to 15)

Original Link Updated Link
https://developers.cloudflare.com/waf/managed-rules/reference/owasp-core-ruleset/configure-api/ https://pedro-2025-07-10-waf-upd-api-perms.preview.developers.cloudflare.com/waf/managed-rules/reference/owasp-core-ruleset/configure-api/
https://developers.cloudflare.com/waf/managed-rules/payload-logging/configure-api/ https://pedro-2025-07-10-waf-upd-api-perms.preview.developers.cloudflare.com/waf/managed-rules/payload-logging/configure-api/
https://developers.cloudflare.com/waf/managed-rules/waf-exceptions/define-api/ https://pedro-2025-07-10-waf-upd-api-perms.preview.developers.cloudflare.com/waf/managed-rules/waf-exceptions/define-api/
https://developers.cloudflare.com/waf/account/custom-rulesets/create-api/ https://pedro-2025-07-10-waf-upd-api-perms.preview.developers.cloudflare.com/waf/account/custom-rulesets/create-api/
https://developers.cloudflare.com/waf/account/rate-limiting-rulesets/create-api/ https://pedro-2025-07-10-waf-upd-api-perms.preview.developers.cloudflare.com/waf/account/rate-limiting-rulesets/create-api/
https://developers.cloudflare.com/waf/custom-rules/skip/api-examples/ https://pedro-2025-07-10-waf-upd-api-perms.preview.developers.cloudflare.com/waf/custom-rules/skip/api-examples/
https://developers.cloudflare.com/waf/rate-limiting-rules/create-api/ https://pedro-2025-07-10-waf-upd-api-perms.preview.developers.cloudflare.com/waf/rate-limiting-rules/create-api/
https://developers.cloudflare.com/waf/account/managed-rulesets/ https://pedro-2025-07-10-waf-upd-api-perms.preview.developers.cloudflare.com/waf/account/managed-rulesets/
https://developers.cloudflare.com/waf/managed-rules/reference/exposed-credentials-check/ https://pedro-2025-07-10-waf-upd-api-perms.preview.developers.cloudflare.com/waf/managed-rules/reference/exposed-credentials-check/
https://developers.cloudflare.com/waf/managed-rules/reference/sensitive-data-detection/ https://pedro-2025-07-10-waf-upd-api-perms.preview.developers.cloudflare.com/waf/managed-rules/reference/sensitive-data-detection/
https://developers.cloudflare.com/waf/custom-rules/create-api/ https://pedro-2025-07-10-waf-upd-api-perms.preview.developers.cloudflare.com/waf/custom-rules/create-api/
https://developers.cloudflare.com/waf/managed-rules/check-for-exposed-credentials/configure-api/ https://pedro-2025-07-10-waf-upd-api-perms.preview.developers.cloudflare.com/waf/managed-rules/check-for-exposed-credentials/configure-api/

@pedrosousa pedrosousa merged commit e6e9dca into production Jul 10, 2025
11 of 12 checks passed
@pedrosousa pedrosousa deleted the pedro/2025-07-10-waf-upd-api-perms branch July 10, 2025 15:46
sdnts pushed a commit to sdnts/cloudflare-docs that referenced this pull request Jul 24, 2025
@pedrosousa @sdnts
[WAF] Filter/hide API permissions (cloudflare#23559)
977b4d2
thomasgauvin pushed a commit that referenced this pull request Aug 15, 2025
@pedrosousa @thomasgauvin
[WAF] Filter/hide API permissions (#23559)
c7f0be7
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@kodster28 kodster28 kodster28 approved these changes

Assignees

@dcpena dcpena

@haleycode haleycode

@patriciasantaana patriciasantaana

Labels

product:waf size/m

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

5 participants

@pedrosousa @kodster28 @dcpena @haleycode @patriciasantaana