Variables
Last updated: 2025-12-05 14:27:11
Introduction
During configuration, variables allow you to dynamically extract and process data in requests. These variables can not only store static values but also refer to specific fields or information in requests, and their values may change when processing each request. For example: the
http.request.host variable can extract the hostname from each HTTP request. This capability enables the rule engine to handle more complex business logic.Content
The following are the currently supported preset variables in EdgeOne - obtain specific fields or information from the client HTTP request as variables.
Note:
When using variables, follow the format: ${http.request.scheme}. If the format or name is incorrect, you will be unable to use variables successfully.
Currently only support using variables individually. Do not concatenate variables with constants, or variable A with variable B.
Name | Type | Description | Example | Usable Module |
http.request.scheme | String | Client request protocol (application-layer protocol HTTP/HTTPS) | http https | Site acceleration Web protection |
http.request.zone | String | Site name | example.com | Site acceleration |
http.request.zoneid | String | site ID | zone-2c2r77pc3796 | Site acceleration |
http.request.host | String | client request URI hostname | www.example.com | Site acceleration Web protection |
http.request.full_uri | String | complete URI of client request (excluding #fragment) | https://www.example.org/articles/index?section=539061&expand=comments | Site acceleration |
http.request.method | String | HTTP Method of client request | GET | Site acceleration Web protection |
http.request.uri | String | The URI path and query string of a client request (including Path + Argument, excluding Scheme and Host) | /articles/index?section=539061&expand=comments | Site acceleration Web protection |
http.request.uri.path | String | URI path of a client request | /articles/index | Site acceleration Web protection |
http.request.file_extension | String | File extension of a client request file | jpg | Site acceleration Web protection. |
http.request.filename | String | Filename of a client request file | bot.txt | Site acceleration |
http.request.uri.query | String | The entire query string of a client request, excluding the ? separator | section=539061&expand=comments | Site acceleration Web protection |
http.request.headers["key"] | String | The header value of the client request's specified header named "key", where "key" can be replaced with your designated name. | https://developer.mozilla.org | Site acceleration Web protection |
http.request.uri.args["key"] | String | The parameter value of the client's query string with the specified parameter name "key", where "key" can be replaced with your designated name. | value | Site acceleration |
http.request.version | String | HTTP protocol version used by client requests | HTTP/1.0 HTTP/1.1 HTTP/2 HTTP/3 | Site acceleration |
http.request.ip | String | client TCP IP address, such as 1.1.1.1 | 93.184.216.34 | Site acceleration Web protection |
http.request.ip.port | String | client source port | 1028 | Site acceleration |
http.request.ip.city | String | City associated with client IP address | San Francisco | Site acceleration |
http.request.ip.continent | String | Continent code associated with client IP address | Africa Asia Europe North America South America Oceania Antarctica | Site acceleration |
http.request.ip.country | String | Country code associated with client IP address in ISO 3166-1 Alpha 2 format (2-letter) | GB. See more in [ISO 3166-1 Alpha 2 standard] | Site acceleration Web protection (planned) |
http.request.ip.version | Integer | IP protocol version (network layer protocol IPv4/IPv6) used by client requests | 4 6 | Web protection |
http.request.xff_header_ip | String | When the request includes the X-Forwarded-For header, it is the first IP in the X-Forwarded-For header, which is the proxied original client IP. When the request does not include the X-Forwarded-For header, it is the client IP of the request. | 93.184.216.34 | Web protection |
http.request.cookies["key"] | String | The session value of the Cookie in the client request with the specified name "key", where "key" can be replaced with your designated name. | MySessionId | Web protection |
http.request.ja3 | String | JA3 fingerprint (TLS fingerprint) in client requests | e7d705a3286e19ea42f587b344ee6865 | Web protection |
http.request.ip.reputation | String | Reputation of client IP (client profile analysis), including history of malicious activities and confidence degree of reputation. | scanners.medium | Web protection |
http.request.ip.isp | String | Operator organization of client IP | chinatelecom.com | Web protection |
http.request.bot.search_engine_bot | String | Client request source search engine crawler classification | googlebot_image | Web protection |
http.request.bot.known_bot_type | String | Known crawler types indicated by the User-Agent header in client requests | web_developer_tools | Web protection |
http.request.bot.behavioral_analysis.tag | String | Intelligent analysis result classification of client requests | malicious_bot suspected_bot | Web protection |
http.request.bot.behavioral_analysis.rule_id | String | Feature ID of client request AI analysis | botba-1320255933 | Web protection |
http.request.bot.session | Object | Bot session information included in client requests. Includes session features: status: session status ip: initial session IP | - | Web protection |
http.request.bot.token | Object | Bot verification invoice information in client requests. Includes invoice status: status: is the invoice valid bot client: client-side validation result is bot client browser_client: client-side validation result is browser client | - | Web protection |
http.request.ip.asn | String | ASN associated with the client IP address | 130340 | Web protection |
http.request.xff_header_ip | String | Client IP (preferentially match XFF header) | 93.184.216.34 | Web protection |
http.request.bot.search_engine_bot_id | String | Search engine crawler configuration, used for handling requests from search engine crawlers. The IP, User-Agent, or rDNS results of such requests match known search engine crawlers. | Search engine crawler feature ID | Web protection |
http.request.bot.known_bot_category_id | String | Commercial or open-source tool UA feature configuration (formerly UA feature rule) for handling access requests from known commercial or open-source tools. These requests have User-Agent headers that match known commercial or open-source tool features. | - | Web protection |
http.request.ip.source_idc_id | String | Client IP source IDC feature ID. Used to match access requests from client IPs in IDC (data center). These source requests are not directly accessed by mobile terminal or browser side. | - | Web protection |
http.request.ip.reputation_id | String | Threat intelligence database feature ID, used to match requests from client IPs with specific risk characteristics in recent access behavior. | - | Web protection |
http.request.bot.bot_rating_id | String | Intelligent Bot analysis rating | - | Web protection |
http.request.bot.bot_intelligence_details | String | Intelligent Bot analysis rating for request analysis, extracted crawler risk details | - | Web protection |
Was this page helpful?
You can also Contact Sales or Submit a Ticket for help.
Yes
No
Feedback