DescribeOwaspRuleTypes

Last updated: 2025-10-30 22:08:29

DescribeOwaspRuleTypes

Last updated: 2025-10-30 22:08:29

1. API Description

Domain name for API request: waf.intl.tencentcloudapi.com.

This API is used to query the rule types of the rule engine.

A maximum of 20 requests can be initiated per second for this API.

We recommend you to use API Explorer

Try it

API Explorer provides a range of capabilities, including online call, signature authentication, SDK code generation, and API quick search. It enables you to view the request, response, and auto-generated examples.

2. Input Parameters

The following request parameter list only provides API request parameters and some common parameters. For the complete common parameter list, see Common Request Parameters.

Parameter Name	Required	Type	Description
Action	Yes	String	Common Params. The value used for this API: DescribeOwaspRuleTypes.
Version	Yes	String	Common Params. The value used for this API: 2018-01-25.
Region	Yes	String	Common Params. For more information, please see the list of regions supported by the product. This API only supports: ap-guangzhou, ap-seoul, ap-singapore.
Domain	Yes	String	Domain names to be queried
Offset	No	Integer	Page number, defaults to 0.
Limit	No	Integer	Capacity per page. defaults to 10.
Filters.N	No	Array of FiltersItemNew	Filter conditions. supports rule ID, CVE ID, and description.

3. Output Parameters

Parameter Name	Type	Description
Total	Integer	Number of rule types.
List	Array of OwaspRuleType	Rule type list and information.
RequestId	String	The unique request ID, generated by the server, will be returned for every request (if the request fails to reach the server for other reasons, the request will not obtain a RequestId). RequestId is required for locating a problem.

4. Example

Example1 Querying the Rule Type List of the Rule Engine

Input Example

POST / HTTP/1.1
Host: waf.intl.tencentcloudapi.com
Content-Type: application/json
X-TC-Action: DescribeOwaspRuleTypes
<Common request parameters>

{
    "Domain": "owasp.saas3.testwaf.com"
}

Output Example

{
    "Response": {
        "List": [
            {
                "Action": 0,
                "ActiveRule": 1056,
"Classification": "XSS attack"
"Description": "Cross-site scripting (XSS) attacks are a type of injection where malicious scripts are injected into trusted websites. XSS attacks occur when an attacker uses a Web application to send malicious code (usually in the form of browser-side scripts) to different end users. Defects that allow these attacks to succeed are widely adopted and happen wherever a Web application uses user-submitted input in its generated output without verification or encoding. An attacker can use XSS to send malicious scripts to unsuspecting users. The end user's browser cannot determine if the script is untrusted and will execute it. Since the browser considers the script to come from a credible source, the malicious script can access any cookies, session tokens, or other sensitive information retained by the browser and used with the site. These scripts can even rewrite the contents of the HTML page."
                "Level": 100,
                "Status": 1,
                "TotalRule": 1320,
                "TypeId": 10000000,
"TypeName": "XSS attack"
            }
        ],
        "RequestId": "239d0e9a-c7b1-48af-acda-7237c060362a",
        "Total": 1
    }
}

5. Developer Resources

SDK

TencentCloud API 3.0 integrates SDKs that support various programming languages to make it easier for you to call APIs.

Command Line Interface

Tencent Cloud CLI 3.0

6. Error Code

The following only lists the error codes related to the API business logic. For other error codes, see Common Error Codes.

Error Code	Description
InternalError.Unknown	InternalError.Unknown
InvalidParameterValue.InvalidRequest	InvalidRequest
ResourceNotFound.NotFound	ResourceNotFound.NotFound

Was this page helpful?

You can also Contact Sales or Submit a Ticket for help.

Yes

Feedback

tencent cloud