# Page Shield

## Get Page Shield settings

`client.pageShield.get(PageShieldGetParamsparams, RequestOptionsoptions?): Setting | null`

**get** `/zones/{zone_id}/page_shield`

Fetches the Page Shield settings.

### Parameters

- `params: PageShieldGetParams`

  - `zone_id: string`

    Identifier

### Returns

- `Setting | null`

  - `enabled: boolean`

    When true, indicates that Page Shield is enabled.

  - `updated_at: string`

    The timestamp of when Page Shield was last updated.

  - `use_cloudflare_reporting_endpoint: boolean`

    When true, CSP reports will be sent to https://csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report

  - `use_connection_url_path: boolean`

    When true, the paths associated with connections URLs will also be analyzed.

### Example

```node
import Cloudflare from 'cloudflare';

const client = new Cloudflare({
  apiEmail: process.env['CLOUDFLARE_EMAIL'], // This is the default and can be omitted
  apiKey: process.env['CLOUDFLARE_API_KEY'], // This is the default and can be omitted
});

const setting = await client.pageShield.get({ zone_id: '023e105f4ecef8ad9ca31a8372d0c353' });

console.log(setting.enabled);
```

#### Response

```json
{
  "success": true,
  "errors": [
    {
      "code": 1000,
      "message": "message",
      "documentation_url": "documentation_url",
      "source": {
        "pointer": "pointer"
      }
    }
  ],
  "messages": [
    {
      "code": 1000,
      "message": "message",
      "documentation_url": "documentation_url",
      "source": {
        "pointer": "pointer"
      }
    }
  ],
  "result": {
    "enabled": true,
    "updated_at": "2022-10-12T17:56:52.083582+01:00",
    "use_cloudflare_reporting_endpoint": true,
    "use_connection_url_path": true
  }
}
```

## Update Page Shield settings

`client.pageShield.update(PageShieldUpdateParamsparams, RequestOptionsoptions?): PageShieldUpdateResponse`

**put** `/zones/{zone_id}/page_shield`

Updates Page Shield settings.

### Parameters

- `params: PageShieldUpdateParams`

  - `zone_id: string`

    Path param: Identifier

  - `enabled?: boolean`

    Body param: When true, indicates that Page Shield is enabled.

  - `use_cloudflare_reporting_endpoint?: boolean`

    Body param: When true, CSP reports will be sent to https://csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report

  - `use_connection_url_path?: boolean`

    Body param: When true, the paths associated with connections URLs will also be analyzed.

### Returns

- `PageShieldUpdateResponse`

  - `enabled: boolean`

    When true, indicates that Page Shield is enabled.

  - `updated_at: string`

    The timestamp of when Page Shield was last updated.

  - `use_cloudflare_reporting_endpoint: boolean`

    When true, CSP reports will be sent to https://csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report

  - `use_connection_url_path: boolean`

    When true, the paths associated with connections URLs will also be analyzed.

### Example

```node
import Cloudflare from 'cloudflare';

const client = new Cloudflare({
  apiEmail: process.env['CLOUDFLARE_EMAIL'], // This is the default and can be omitted
  apiKey: process.env['CLOUDFLARE_API_KEY'], // This is the default and can be omitted
});

const pageShield = await client.pageShield.update({ zone_id: '023e105f4ecef8ad9ca31a8372d0c353' });

console.log(pageShield.enabled);
```

#### Response

```json
{
  "success": true,
  "errors": [
    {
      "code": 1000,
      "message": "message",
      "documentation_url": "documentation_url",
      "source": {
        "pointer": "pointer"
      }
    }
  ],
  "messages": [
    {
      "code": 1000,
      "message": "message",
      "documentation_url": "documentation_url",
      "source": {
        "pointer": "pointer"
      }
    }
  ],
  "result": {
    "enabled": true,
    "updated_at": "2022-10-12T17:56:52.083582+01:00",
    "use_cloudflare_reporting_endpoint": true,
    "use_connection_url_path": true
  }
}
```

## Domain Types

### Setting

- `Setting`

  - `enabled: boolean`

    When true, indicates that Page Shield is enabled.

  - `updated_at: string`

    The timestamp of when Page Shield was last updated.

  - `use_cloudflare_reporting_endpoint: boolean`

    When true, CSP reports will be sent to https://csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report

  - `use_connection_url_path: boolean`

    When true, the paths associated with connections URLs will also be analyzed.

### Page Shield Update Response

- `PageShieldUpdateResponse`

  - `enabled: boolean`

    When true, indicates that Page Shield is enabled.

  - `updated_at: string`

    The timestamp of when Page Shield was last updated.

  - `use_cloudflare_reporting_endpoint: boolean`

    When true, CSP reports will be sent to https://csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report

  - `use_connection_url_path: boolean`

    When true, the paths associated with connections URLs will also be analyzed.

# Policies

## List Page Shield policies

`client.pageShield.policies.list(PolicyListParamsparams, RequestOptionsoptions?): SinglePage<PolicyListResponse>`

**get** `/zones/{zone_id}/page_shield/policies`

Lists all Page Shield policies.

### Parameters

- `params: PolicyListParams`

  - `zone_id: string`

    Identifier

### Returns

- `PolicyListResponse`

  - `id: string`

    Identifier

  - `action: "allow" | "log" | "add_reporting_directives"`

    The action to take if the expression matches

    - `"allow"`

    - `"log"`

    - `"add_reporting_directives"`

  - `description: string`

    A description for the policy

  - `enabled: boolean`

    Whether the policy is enabled

  - `expression: string`

    The expression which must match for the policy to be applied, using the Cloudflare Firewall rule expression syntax

  - `value: string`

    The policy which will be applied

### Example

```node
import Cloudflare from 'cloudflare';

const client = new Cloudflare({
  apiEmail: process.env['CLOUDFLARE_EMAIL'], // This is the default and can be omitted
  apiKey: process.env['CLOUDFLARE_API_KEY'], // This is the default and can be omitted
});

// Automatically fetches more pages as needed.
for await (const policyListResponse of client.pageShield.policies.list({
  zone_id: '023e105f4ecef8ad9ca31a8372d0c353',
})) {
  console.log(policyListResponse.id);
}
```

#### Response

```json
{
  "result": [
    {
      "id": "023e105f4ecef8ad9ca31a8372d0c353",
      "action": "allow",
      "description": "Checkout page CSP policy",
      "enabled": true,
      "expression": "ends_with(http.request.uri.path, \"/checkout\")",
      "value": "script-src 'none';"
    }
  ],
  "result_info": {
    "count": 1,
    "page": 1,
    "per_page": 20,
    "total_count": 2000,
    "total_pages": 100
  },
  "success": true,
  "errors": [
    {
      "code": 1000,
      "message": "message",
      "documentation_url": "documentation_url",
      "source": {
        "pointer": "pointer"
      }
    }
  ],
  "messages": [
    {
      "code": 1000,
      "message": "message",
      "documentation_url": "documentation_url",
      "source": {
        "pointer": "pointer"
      }
    }
  ]
}
```

## Get a Page Shield policy

`client.pageShield.policies.get(stringpolicyId, PolicyGetParamsparams, RequestOptionsoptions?): PolicyGetResponse | null`

**get** `/zones/{zone_id}/page_shield/policies/{policy_id}`

Fetches a Page Shield policy by ID.

### Parameters

- `policyId: string`

  Identifier

- `params: PolicyGetParams`

  - `zone_id: string`

    Identifier

### Returns

- `PolicyGetResponse`

  - `id: string`

    Identifier

  - `action: "allow" | "log" | "add_reporting_directives"`

    The action to take if the expression matches

    - `"allow"`

    - `"log"`

    - `"add_reporting_directives"`

  - `description: string`

    A description for the policy

  - `enabled: boolean`

    Whether the policy is enabled

  - `expression: string`

    The expression which must match for the policy to be applied, using the Cloudflare Firewall rule expression syntax

  - `value: string`

    The policy which will be applied

### Example

```node
import Cloudflare from 'cloudflare';

const client = new Cloudflare({
  apiEmail: process.env['CLOUDFLARE_EMAIL'], // This is the default and can be omitted
  apiKey: process.env['CLOUDFLARE_API_KEY'], // This is the default and can be omitted
});

const policy = await client.pageShield.policies.get('023e105f4ecef8ad9ca31a8372d0c353', {
  zone_id: '023e105f4ecef8ad9ca31a8372d0c353',
});

console.log(policy.id);
```

#### Response

```json
{
  "result": {
    "id": "023e105f4ecef8ad9ca31a8372d0c353",
    "action": "allow",
    "description": "Checkout page CSP policy",
    "enabled": true,
    "expression": "ends_with(http.request.uri.path, \"/checkout\")",
    "value": "script-src 'none';"
  },
  "success": true,
  "errors": [
    {
      "code": 1000,
      "message": "message",
      "documentation_url": "documentation_url",
      "source": {
        "pointer": "pointer"
      }
    }
  ],
  "messages": [
    {
      "code": 1000,
      "message": "message",
      "documentation_url": "documentation_url",
      "source": {
        "pointer": "pointer"
      }
    }
  ]
}
```

## Create a Page Shield policy

`client.pageShield.policies.create(PolicyCreateParamsparams, RequestOptionsoptions?): PolicyCreateResponse | null`

**post** `/zones/{zone_id}/page_shield/policies`

Create a Page Shield policy.

### Parameters

- `params: PolicyCreateParams`

  - `zone_id: string`

    Path param: Identifier

  - `action: "allow" | "log" | "add_reporting_directives"`

    Body param: The action to take if the expression matches

    - `"allow"`

    - `"log"`

    - `"add_reporting_directives"`

  - `description: string`

    Body param: A description for the policy

  - `enabled: boolean`

    Body param: Whether the policy is enabled

  - `expression: string`

    Body param: The expression which must match for the policy to be applied, using the Cloudflare Firewall rule expression syntax

  - `value: string`

    Body param: The policy which will be applied

### Returns

- `PolicyCreateResponse`

  - `id: string`

    Identifier

  - `action: "allow" | "log" | "add_reporting_directives"`

    The action to take if the expression matches

    - `"allow"`

    - `"log"`

    - `"add_reporting_directives"`

  - `description: string`

    A description for the policy

  - `enabled: boolean`

    Whether the policy is enabled

  - `expression: string`

    The expression which must match for the policy to be applied, using the Cloudflare Firewall rule expression syntax

  - `value: string`

    The policy which will be applied

### Example

```node
import Cloudflare from 'cloudflare';

const client = new Cloudflare({
  apiEmail: process.env['CLOUDFLARE_EMAIL'], // This is the default and can be omitted
  apiKey: process.env['CLOUDFLARE_API_KEY'], // This is the default and can be omitted
});

const policy = await client.pageShield.policies.create({
  zone_id: '023e105f4ecef8ad9ca31a8372d0c353',
  action: 'allow',
  description: 'Checkout page CSP policy',
  enabled: true,
  expression: 'ends_with(http.request.uri.path, "/checkout")',
  value: "script-src 'none';",
});

console.log(policy.id);
```

#### Response

```json
{
  "result": {
    "id": "023e105f4ecef8ad9ca31a8372d0c353",
    "action": "allow",
    "description": "Checkout page CSP policy",
    "enabled": true,
    "expression": "ends_with(http.request.uri.path, \"/checkout\")",
    "value": "script-src 'none';"
  },
  "success": true,
  "errors": [
    {
      "code": 1000,
      "message": "message",
      "documentation_url": "documentation_url",
      "source": {
        "pointer": "pointer"
      }
    }
  ],
  "messages": [
    {
      "code": 1000,
      "message": "message",
      "documentation_url": "documentation_url",
      "source": {
        "pointer": "pointer"
      }
    }
  ]
}
```

## Update a Page Shield policy

`client.pageShield.policies.update(stringpolicyId, PolicyUpdateParamsparams, RequestOptionsoptions?): PolicyUpdateResponse | null`

**put** `/zones/{zone_id}/page_shield/policies/{policy_id}`

Update a Page Shield policy by ID.

### Parameters

- `policyId: string`

  Identifier

- `params: PolicyUpdateParams`

  - `zone_id: string`

    Path param: Identifier

  - `action?: "allow" | "log" | "add_reporting_directives"`

    Body param: The action to take if the expression matches

    - `"allow"`

    - `"log"`

    - `"add_reporting_directives"`

  - `description?: string`

    Body param: A description for the policy

  - `enabled?: boolean`

    Body param: Whether the policy is enabled

  - `expression?: string`

    Body param: The expression which must match for the policy to be applied, using the Cloudflare Firewall rule expression syntax

  - `value?: string`

    Body param: The policy which will be applied

### Returns

- `PolicyUpdateResponse`

  - `id: string`

    Identifier

  - `action: "allow" | "log" | "add_reporting_directives"`

    The action to take if the expression matches

    - `"allow"`

    - `"log"`

    - `"add_reporting_directives"`

  - `description: string`

    A description for the policy

  - `enabled: boolean`

    Whether the policy is enabled

  - `expression: string`

    The expression which must match for the policy to be applied, using the Cloudflare Firewall rule expression syntax

  - `value: string`

    The policy which will be applied

### Example

```node
import Cloudflare from 'cloudflare';

const client = new Cloudflare({
  apiEmail: process.env['CLOUDFLARE_EMAIL'], // This is the default and can be omitted
  apiKey: process.env['CLOUDFLARE_API_KEY'], // This is the default and can be omitted
});

const policy = await client.pageShield.policies.update('023e105f4ecef8ad9ca31a8372d0c353', {
  zone_id: '023e105f4ecef8ad9ca31a8372d0c353',
});

console.log(policy.id);
```

#### Response

```json
{
  "result": {
    "id": "023e105f4ecef8ad9ca31a8372d0c353",
    "action": "allow",
    "description": "Checkout page CSP policy",
    "enabled": true,
    "expression": "ends_with(http.request.uri.path, \"/checkout\")",
    "value": "script-src 'none';"
  },
  "success": true,
  "errors": [
    {
      "code": 1000,
      "message": "message",
      "documentation_url": "documentation_url",
      "source": {
        "pointer": "pointer"
      }
    }
  ],
  "messages": [
    {
      "code": 1000,
      "message": "message",
      "documentation_url": "documentation_url",
      "source": {
        "pointer": "pointer"
      }
    }
  ]
}
```

## Delete a Page Shield policy

`client.pageShield.policies.delete(stringpolicyId, PolicyDeleteParamsparams, RequestOptionsoptions?): void`

**delete** `/zones/{zone_id}/page_shield/policies/{policy_id}`

Delete a Page Shield policy by ID.

### Parameters

- `policyId: string`

  Identifier

- `params: PolicyDeleteParams`

  - `zone_id: string`

    Identifier

### Example

```node
import Cloudflare from 'cloudflare';

const client = new Cloudflare({
  apiEmail: process.env['CLOUDFLARE_EMAIL'], // This is the default and can be omitted
  apiKey: process.env['CLOUDFLARE_API_KEY'], // This is the default and can be omitted
});

await client.pageShield.policies.delete('023e105f4ecef8ad9ca31a8372d0c353', {
  zone_id: '023e105f4ecef8ad9ca31a8372d0c353',
});
```

## Domain Types

### Policy

- `Policy`

  - `action: "allow" | "log" | "add_reporting_directives"`

    The action to take if the expression matches

    - `"allow"`

    - `"log"`

    - `"add_reporting_directives"`

  - `description: string`

    A description for the policy

  - `enabled: boolean`

    Whether the policy is enabled

  - `expression: string`

    The expression which must match for the policy to be applied, using the Cloudflare Firewall rule expression syntax

  - `value: string`

    The policy which will be applied

### Policy List Response

- `PolicyListResponse`

  - `id: string`

    Identifier

  - `action: "allow" | "log" | "add_reporting_directives"`

    The action to take if the expression matches

    - `"allow"`

    - `"log"`

    - `"add_reporting_directives"`

  - `description: string`

    A description for the policy

  - `enabled: boolean`

    Whether the policy is enabled

  - `expression: string`

    The expression which must match for the policy to be applied, using the Cloudflare Firewall rule expression syntax

  - `value: string`

    The policy which will be applied

### Policy Get Response

- `PolicyGetResponse`

  - `id: string`

    Identifier

  - `action: "allow" | "log" | "add_reporting_directives"`

    The action to take if the expression matches

    - `"allow"`

    - `"log"`

    - `"add_reporting_directives"`

  - `description: string`

    A description for the policy

  - `enabled: boolean`

    Whether the policy is enabled

  - `expression: string`

    The expression which must match for the policy to be applied, using the Cloudflare Firewall rule expression syntax

  - `value: string`

    The policy which will be applied

### Policy Create Response

- `PolicyCreateResponse`

  - `id: string`

    Identifier

  - `action: "allow" | "log" | "add_reporting_directives"`

    The action to take if the expression matches

    - `"allow"`

    - `"log"`

    - `"add_reporting_directives"`

  - `description: string`

    A description for the policy

  - `enabled: boolean`

    Whether the policy is enabled

  - `expression: string`

    The expression which must match for the policy to be applied, using the Cloudflare Firewall rule expression syntax

  - `value: string`

    The policy which will be applied

### Policy Update Response

- `PolicyUpdateResponse`

  - `id: string`

    Identifier

  - `action: "allow" | "log" | "add_reporting_directives"`

    The action to take if the expression matches

    - `"allow"`

    - `"log"`

    - `"add_reporting_directives"`

  - `description: string`

    A description for the policy

  - `enabled: boolean`

    Whether the policy is enabled

  - `expression: string`

    The expression which must match for the policy to be applied, using the Cloudflare Firewall rule expression syntax

  - `value: string`

    The policy which will be applied

# Connections

## List Page Shield connections

`client.pageShield.connections.list(ConnectionListParamsparams, RequestOptionsoptions?): SinglePage<Connection>`

**get** `/zones/{zone_id}/page_shield/connections`

Lists all connections detected by Page Shield.

### Parameters

- `params: ConnectionListParams`

  - `zone_id: string`

    Path param: Identifier

  - `direction?: "asc" | "desc"`

    Query param: The direction used to sort returned connections.

    - `"asc"`

    - `"desc"`

  - `exclude_cdn_cgi?: boolean`

    Query param: When true, excludes connections seen in a `/cdn-cgi` path from the returned connections. The default value is true.

  - `exclude_urls?: string`

    Query param: Excludes connections whose URL contains one of the URL-encoded URLs separated by commas.

  - `_export?: "csv"`

    Query param: Export the list of connections as a file, limited to 50000 entries.

    - `"csv"`

  - `hosts?: string`

    Query param: Includes connections that match one or more URL-encoded hostnames separated by commas.

    Wildcards are supported at the start and end of each hostname to support starts with, ends with
    and contains. If no wildcards are used, results will be filtered by exact match

  - `order_by?: "first_seen_at" | "last_seen_at"`

    Query param: The field used to sort returned connections.

    - `"first_seen_at"`

    - `"last_seen_at"`

  - `page?: string`

    Query param: The current page number of the paginated results.

    We additionally support a special value "all". When "all" is used, the API will return all the connections
    with the applied filters in a single page. This feature is best-effort and it may only work for zones with
    a low number of connections

  - `page_url?: string`

    Query param: Includes connections that match one or more page URLs (separated by commas) where they were last seen

    Wildcards are supported at the start and end of each page URL to support starts with, ends with
    and contains. If no wildcards are used, results will be filtered by exact match

  - `per_page?: number`

    Query param: The number of results per page.

  - `prioritize_malicious?: boolean`

    Query param: When true, malicious connections appear first in the returned connections.

  - `status?: string`

    Query param: Filters the returned connections using a comma-separated list of connection statuses. Accepted values: `active`, `infrequent`, and `inactive`. The default value is `active`.

  - `urls?: string`

    Query param: Includes connections whose URL contain one or more URL-encoded URLs separated by commas.

### Returns

- `Connection`

  - `id: string`

    Identifier

  - `added_at: string`

  - `first_seen_at: string`

  - `host: string`

  - `last_seen_at: string`

  - `url: string`

  - `url_contains_cdn_cgi_path: boolean`

  - `domain_reported_malicious?: boolean`

  - `first_page_url?: string`

  - `malicious_domain_categories?: Array<string>`

  - `malicious_url_categories?: Array<string>`

  - `page_urls?: Array<string>`

  - `url_reported_malicious?: boolean`

### Example

```node
import Cloudflare from 'cloudflare';

const client = new Cloudflare({
  apiEmail: process.env['CLOUDFLARE_EMAIL'], // This is the default and can be omitted
  apiKey: process.env['CLOUDFLARE_API_KEY'], // This is the default and can be omitted
});

// Automatically fetches more pages as needed.
for await (const connection of client.pageShield.connections.list({
  zone_id: '023e105f4ecef8ad9ca31a8372d0c353',
})) {
  console.log(connection.id);
}
```

#### Response

```json
{
  "result_info": {
    "count": 1,
    "page": 1,
    "per_page": 20,
    "total_count": 2000,
    "total_pages": 100
  },
  "success": true,
  "errors": [
    {
      "code": 1000,
      "message": "message",
      "documentation_url": "documentation_url",
      "source": {
        "pointer": "pointer"
      }
    }
  ],
  "messages": [
    {
      "code": 1000,
      "message": "message",
      "documentation_url": "documentation_url",
      "source": {
        "pointer": "pointer"
      }
    }
  ],
  "result": [
    {
      "id": "023e105f4ecef8ad9ca31a8372d0c353",
      "added_at": "2021-08-18T10:51:10.09615Z",
      "first_seen_at": "2021-08-18T10:51:08Z",
      "host": "blog.cloudflare.com",
      "last_seen_at": "2021-09-02T09:57:54Z",
      "url": "https://cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/4.6.0/js/bootstrap.min.js",
      "url_contains_cdn_cgi_path": false,
      "domain_reported_malicious": false,
      "first_page_url": "blog.cloudflare.com/page",
      "malicious_domain_categories": [
        "Malware"
      ],
      "malicious_url_categories": [
        "Malware"
      ],
      "page_urls": [
        "blog.cloudflare.com/page1",
        "blog.cloudflare.com/page2"
      ],
      "url_reported_malicious": false
    }
  ]
}
```

## Get a Page Shield connection

`client.pageShield.connections.get(stringconnectionId, ConnectionGetParamsparams, RequestOptionsoptions?): Connection | null`

**get** `/zones/{zone_id}/page_shield/connections/{connection_id}`

Fetches a connection detected by Page Shield by connection ID.

### Parameters

- `connectionId: string`

  Identifier

- `params: ConnectionGetParams`

  - `zone_id: string`

    Identifier

### Returns

- `Connection | null`

  - `id: string`

    Identifier

  - `added_at: string`

  - `first_seen_at: string`

  - `host: string`

  - `last_seen_at: string`

  - `url: string`

  - `url_contains_cdn_cgi_path: boolean`

  - `domain_reported_malicious?: boolean`

  - `first_page_url?: string`

  - `malicious_domain_categories?: Array<string>`

  - `malicious_url_categories?: Array<string>`

  - `page_urls?: Array<string>`

  - `url_reported_malicious?: boolean`

### Example

```node
import Cloudflare from 'cloudflare';

const client = new Cloudflare({
  apiEmail: process.env['CLOUDFLARE_EMAIL'], // This is the default and can be omitted
  apiKey: process.env['CLOUDFLARE_API_KEY'], // This is the default and can be omitted
});

const connection = await client.pageShield.connections.get('023e105f4ecef8ad9ca31a8372d0c353', {
  zone_id: '023e105f4ecef8ad9ca31a8372d0c353',
});

console.log(connection.id);
```

#### Response

```json
{
  "result": {
    "id": "023e105f4ecef8ad9ca31a8372d0c353",
    "added_at": "2021-08-18T10:51:10.09615Z",
    "first_seen_at": "2021-08-18T10:51:08Z",
    "host": "blog.cloudflare.com",
    "last_seen_at": "2021-09-02T09:57:54Z",
    "url": "https://cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/4.6.0/js/bootstrap.min.js",
    "url_contains_cdn_cgi_path": false,
    "domain_reported_malicious": false,
    "first_page_url": "blog.cloudflare.com/page",
    "malicious_domain_categories": [
      "Malware"
    ],
    "malicious_url_categories": [
      "Malware"
    ],
    "page_urls": [
      "blog.cloudflare.com/page1",
      "blog.cloudflare.com/page2"
    ],
    "url_reported_malicious": false
  },
  "success": true,
  "errors": [
    {
      "code": 1000,
      "message": "message",
      "documentation_url": "documentation_url",
      "source": {
        "pointer": "pointer"
      }
    }
  ],
  "messages": [
    {
      "code": 1000,
      "message": "message",
      "documentation_url": "documentation_url",
      "source": {
        "pointer": "pointer"
      }
    }
  ]
}
```

## Domain Types

### Connection

- `Connection`

  - `id: string`

    Identifier

  - `added_at: string`

  - `first_seen_at: string`

  - `host: string`

  - `last_seen_at: string`

  - `url: string`

  - `url_contains_cdn_cgi_path: boolean`

  - `domain_reported_malicious?: boolean`

  - `first_page_url?: string`

  - `malicious_domain_categories?: Array<string>`

  - `malicious_url_categories?: Array<string>`

  - `page_urls?: Array<string>`

  - `url_reported_malicious?: boolean`

# Scripts

## List Page Shield scripts

`client.pageShield.scripts.list(ScriptListParamsparams, RequestOptionsoptions?): SinglePage<Script>`

**get** `/zones/{zone_id}/page_shield/scripts`

Lists all scripts detected by Page Shield.

### Parameters

- `params: ScriptListParams`

  - `zone_id: string`

    Path param: Identifier

  - `direction?: "asc" | "desc"`

    Query param: The direction used to sort returned scripts.

    - `"asc"`

    - `"desc"`

  - `exclude_cdn_cgi?: boolean`

    Query param: When true, excludes scripts seen in a `/cdn-cgi` path from the returned scripts. The default value is true.

  - `exclude_duplicates?: boolean`

    Query param: When true, excludes duplicate scripts. We consider a script duplicate of another if their javascript
    content matches and they share the same url host and zone hostname. In such case, we return the most
    recent script for the URL host and zone hostname combination.

  - `exclude_urls?: string`

    Query param: Excludes scripts whose URL contains one of the URL-encoded URLs separated by commas.

  - `_export?: "csv"`

    Query param: Export the list of scripts as a file, limited to 50000 entries.

    - `"csv"`

  - `hosts?: string`

    Query param: Includes scripts that match one or more URL-encoded hostnames separated by commas.

    Wildcards are supported at the start and end of each hostname to support starts with, ends with
    and contains. If no wildcards are used, results will be filtered by exact match

  - `order_by?: "first_seen_at" | "last_seen_at"`

    Query param: The field used to sort returned scripts.

    - `"first_seen_at"`

    - `"last_seen_at"`

  - `page?: string`

    Query param: The current page number of the paginated results.

    We additionally support a special value "all". When "all" is used, the API will return all the scripts
    with the applied filters in a single page. This feature is best-effort and it may only work for zones with
    a low number of scripts

  - `page_url?: string`

    Query param: Includes scripts that match one or more page URLs (separated by commas) where they were last seen

    Wildcards are supported at the start and end of each page URL to support starts with, ends with
    and contains. If no wildcards are used, results will be filtered by exact match

  - `per_page?: number`

    Query param: The number of results per page.

  - `prioritize_malicious?: boolean`

    Query param: When true, malicious scripts appear first in the returned scripts.

  - `status?: string`

    Query param: Filters the returned scripts using a comma-separated list of scripts statuses. Accepted values: `active`, `infrequent`, and `inactive`. The default value is `active`.

  - `urls?: string`

    Query param: Includes scripts whose URL contain one or more URL-encoded URLs separated by commas.

### Returns

- `Script`

  - `id: string`

    Identifier

  - `added_at: string`

  - `first_seen_at: string`

  - `host: string`

  - `last_seen_at: string`

  - `url: string`

  - `url_contains_cdn_cgi_path: boolean`

  - `cryptomining_score?: number | null`

    The cryptomining score of the JavaScript content.

  - `dataflow_score?: number | null`

    The dataflow score of the JavaScript content. This field has been deprecated in favour of js_integrity_score.

  - `domain_reported_malicious?: boolean`

  - `fetched_at?: string | null`

    The timestamp of when the script was last fetched.

  - `first_page_url?: string`

  - `hash?: string | null`

    The computed hash of the analyzed script.

  - `js_integrity_score?: number | null`

    The integrity score of the JavaScript content.

  - `magecart_score?: number | null`

    The magecart score of the JavaScript content.

  - `malicious_domain_categories?: Array<string>`

  - `malicious_url_categories?: Array<string>`

  - `malware_score?: number | null`

    The malware score of the JavaScript content.

  - `obfuscation_score?: number | null`

    The obfuscation score of the JavaScript content. This field has been deprecated in favour of js_integrity_score.

  - `page_urls?: Array<string>`

  - `url_reported_malicious?: boolean`

### Example

```node
import Cloudflare from 'cloudflare';

const client = new Cloudflare({
  apiEmail: process.env['CLOUDFLARE_EMAIL'], // This is the default and can be omitted
  apiKey: process.env['CLOUDFLARE_API_KEY'], // This is the default and can be omitted
});

// Automatically fetches more pages as needed.
for await (const script of client.pageShield.scripts.list({
  zone_id: '023e105f4ecef8ad9ca31a8372d0c353',
})) {
  console.log(script.id);
}
```

#### Response

```json
{
  "result": [
    {
      "id": "023e105f4ecef8ad9ca31a8372d0c353",
      "added_at": "2021-08-18T10:51:10.09615Z",
      "first_seen_at": "2021-08-18T10:51:08Z",
      "host": "blog.cloudflare.com",
      "last_seen_at": "2021-09-02T09:57:54Z",
      "url": "https://cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/4.6.0/js/bootstrap.min.js",
      "url_contains_cdn_cgi_path": false,
      "cryptomining_score": 1,
      "dataflow_score": 1,
      "domain_reported_malicious": false,
      "fetched_at": "fetched_at",
      "first_page_url": "blog.cloudflare.com/page",
      "hash": "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx",
      "js_integrity_score": 1,
      "magecart_score": 1,
      "malicious_domain_categories": [
        "Malware"
      ],
      "malicious_url_categories": [
        "Malware"
      ],
      "malware_score": 1,
      "obfuscation_score": 1,
      "page_urls": [
        "blog.cloudflare.com/page1",
        "blog.cloudflare.com/page2"
      ],
      "url_reported_malicious": false
    }
  ],
  "result_info": {
    "count": 1,
    "page": 1,
    "per_page": 20,
    "total_count": 2000,
    "total_pages": 100
  },
  "success": true,
  "errors": [
    {
      "code": 1000,
      "message": "message",
      "documentation_url": "documentation_url",
      "source": {
        "pointer": "pointer"
      }
    }
  ],
  "messages": [
    {
      "code": 1000,
      "message": "message",
      "documentation_url": "documentation_url",
      "source": {
        "pointer": "pointer"
      }
    }
  ]
}
```

## Get a Page Shield script

`client.pageShield.scripts.get(stringscriptId, ScriptGetParamsparams, RequestOptionsoptions?): ScriptGetResponse | null`

**get** `/zones/{zone_id}/page_shield/scripts/{script_id}`

Fetches a script detected by Page Shield by script ID.

### Parameters

- `scriptId: string`

  Identifier

- `params: ScriptGetParams`

  - `zone_id: string`

    Identifier

### Returns

- `ScriptGetResponse`

  - `id: string`

    Identifier

  - `added_at: string`

  - `first_seen_at: string`

  - `host: string`

  - `last_seen_at: string`

  - `url: string`

  - `url_contains_cdn_cgi_path: boolean`

  - `cryptomining_score?: number | null`

    The cryptomining score of the JavaScript content.

  - `dataflow_score?: number | null`

    The dataflow score of the JavaScript content. This field has been deprecated in favour of js_integrity_score.

  - `domain_reported_malicious?: boolean`

  - `fetched_at?: string | null`

    The timestamp of when the script was last fetched.

  - `first_page_url?: string`

  - `hash?: string | null`

    The computed hash of the analyzed script.

  - `js_integrity_score?: number | null`

    The integrity score of the JavaScript content.

  - `magecart_score?: number | null`

    The magecart score of the JavaScript content.

  - `malicious_domain_categories?: Array<string>`

  - `malicious_url_categories?: Array<string>`

  - `malware_score?: number | null`

    The malware score of the JavaScript content.

  - `obfuscation_score?: number | null`

    The obfuscation score of the JavaScript content. This field has been deprecated in favour of js_integrity_score.

  - `page_urls?: Array<string>`

  - `url_reported_malicious?: boolean`

  - `versions?: Array<Version> | null`

    - `cryptomining_score?: number | null`

      The cryptomining score of the JavaScript content.

    - `dataflow_score?: number | null`

      The dataflow score of the JavaScript content. This field has been deprecated in favour of js_integrity_score.

    - `fetched_at?: string | null`

      The timestamp of when the script was last fetched.

    - `hash?: string | null`

      The computed hash of the analyzed script.

    - `js_integrity_score?: number | null`

      The integrity score of the JavaScript content.

    - `magecart_score?: number | null`

      The magecart score of the JavaScript content.

    - `malware_score?: number | null`

      The malware score of the JavaScript content.

    - `obfuscation_score?: number | null`

      The obfuscation score of the JavaScript content. This field has been deprecated in favour of js_integrity_score.

### Example

```node
import Cloudflare from 'cloudflare';

const client = new Cloudflare({
  apiEmail: process.env['CLOUDFLARE_EMAIL'], // This is the default and can be omitted
  apiKey: process.env['CLOUDFLARE_API_KEY'], // This is the default and can be omitted
});

const script = await client.pageShield.scripts.get('023e105f4ecef8ad9ca31a8372d0c353', {
  zone_id: '023e105f4ecef8ad9ca31a8372d0c353',
});

console.log(script.id);
```

#### Response

```json
{
  "result": {
    "id": "023e105f4ecef8ad9ca31a8372d0c353",
    "added_at": "2021-08-18T10:51:10.09615Z",
    "first_seen_at": "2021-08-18T10:51:08Z",
    "host": "blog.cloudflare.com",
    "last_seen_at": "2021-09-02T09:57:54Z",
    "url": "https://cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/4.6.0/js/bootstrap.min.js",
    "url_contains_cdn_cgi_path": false,
    "cryptomining_score": 1,
    "dataflow_score": 1,
    "domain_reported_malicious": false,
    "fetched_at": "fetched_at",
    "first_page_url": "blog.cloudflare.com/page",
    "hash": "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx",
    "js_integrity_score": 1,
    "magecart_score": 1,
    "malicious_domain_categories": [
      "Malware"
    ],
    "malicious_url_categories": [
      "Malware"
    ],
    "malware_score": 1,
    "obfuscation_score": 1,
    "page_urls": [
      "blog.cloudflare.com/page1",
      "blog.cloudflare.com/page2"
    ],
    "url_reported_malicious": false,
    "versions": [
      {
        "cryptomining_score": 20,
        "dataflow_score": 1,
        "fetched_at": "2021-08-18T10:51:08Z",
        "hash": "e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b423",
        "js_integrity_score": 2,
        "magecart_score": 10,
        "malware_score": 5,
        "obfuscation_score": 1
      }
    ]
  },
  "success": true,
  "errors": [
    {
      "code": 1000,
      "message": "message",
      "documentation_url": "documentation_url",
      "source": {
        "pointer": "pointer"
      }
    }
  ],
  "messages": [
    {
      "code": 1000,
      "message": "message",
      "documentation_url": "documentation_url",
      "source": {
        "pointer": "pointer"
      }
    }
  ]
}
```

## Domain Types

### Script

- `Script`

  - `id: string`

    Identifier

  - `added_at: string`

  - `first_seen_at: string`

  - `host: string`

  - `last_seen_at: string`

  - `url: string`

  - `url_contains_cdn_cgi_path: boolean`

  - `cryptomining_score?: number | null`

    The cryptomining score of the JavaScript content.

  - `dataflow_score?: number | null`

    The dataflow score of the JavaScript content. This field has been deprecated in favour of js_integrity_score.

  - `domain_reported_malicious?: boolean`

  - `fetched_at?: string | null`

    The timestamp of when the script was last fetched.

  - `first_page_url?: string`

  - `hash?: string | null`

    The computed hash of the analyzed script.

  - `js_integrity_score?: number | null`

    The integrity score of the JavaScript content.

  - `magecart_score?: number | null`

    The magecart score of the JavaScript content.

  - `malicious_domain_categories?: Array<string>`

  - `malicious_url_categories?: Array<string>`

  - `malware_score?: number | null`

    The malware score of the JavaScript content.

  - `obfuscation_score?: number | null`

    The obfuscation score of the JavaScript content. This field has been deprecated in favour of js_integrity_score.

  - `page_urls?: Array<string>`

  - `url_reported_malicious?: boolean`

### Script Get Response

- `ScriptGetResponse`

  - `id: string`

    Identifier

  - `added_at: string`

  - `first_seen_at: string`

  - `host: string`

  - `last_seen_at: string`

  - `url: string`

  - `url_contains_cdn_cgi_path: boolean`

  - `cryptomining_score?: number | null`

    The cryptomining score of the JavaScript content.

  - `dataflow_score?: number | null`

    The dataflow score of the JavaScript content. This field has been deprecated in favour of js_integrity_score.

  - `domain_reported_malicious?: boolean`

  - `fetched_at?: string | null`

    The timestamp of when the script was last fetched.

  - `first_page_url?: string`

  - `hash?: string | null`

    The computed hash of the analyzed script.

  - `js_integrity_score?: number | null`

    The integrity score of the JavaScript content.

  - `magecart_score?: number | null`

    The magecart score of the JavaScript content.

  - `malicious_domain_categories?: Array<string>`

  - `malicious_url_categories?: Array<string>`

  - `malware_score?: number | null`

    The malware score of the JavaScript content.

  - `obfuscation_score?: number | null`

    The obfuscation score of the JavaScript content. This field has been deprecated in favour of js_integrity_score.

  - `page_urls?: Array<string>`

  - `url_reported_malicious?: boolean`

  - `versions?: Array<Version> | null`

    - `cryptomining_score?: number | null`

      The cryptomining score of the JavaScript content.

    - `dataflow_score?: number | null`

      The dataflow score of the JavaScript content. This field has been deprecated in favour of js_integrity_score.

    - `fetched_at?: string | null`

      The timestamp of when the script was last fetched.

    - `hash?: string | null`

      The computed hash of the analyzed script.

    - `js_integrity_score?: number | null`

      The integrity score of the JavaScript content.

    - `magecart_score?: number | null`

      The magecart score of the JavaScript content.

    - `malware_score?: number | null`

      The malware score of the JavaScript content.

    - `obfuscation_score?: number | null`

      The obfuscation score of the JavaScript content. This field has been deprecated in favour of js_integrity_score.

# Cookies

## List Page Shield Cookies

`client.pageShield.cookies.list(CookieListParamsparams, RequestOptionsoptions?): SinglePage<CookieListResponse>`

**get** `/zones/{zone_id}/page_shield/cookies`

Lists all cookies collected by Page Shield.

### Parameters

- `params: CookieListParams`

  - `zone_id: string`

    Path param: Identifier

  - `direction?: "asc" | "desc"`

    Query param: The direction used to sort returned cookies.'

    - `"asc"`

    - `"desc"`

  - `domain?: string`

    Query param: Filters the returned cookies that match the specified domain attribute

  - `_export?: "csv"`

    Query param: Export the list of cookies as a file, limited to 50000 entries.

    - `"csv"`

  - `hosts?: string`

    Query param: Includes cookies that match one or more URL-encoded hostnames separated by commas.

    Wildcards are supported at the start and end of each hostname to support starts with, ends with
    and contains. If no wildcards are used, results will be filtered by exact match

  - `http_only?: boolean`

    Query param: Filters the returned cookies that are set with HttpOnly

  - `name?: string`

    Query param: Filters the returned cookies that match the specified name.
    Wildcards are supported at the start and end to support starts with, ends with
    and contains. e.g. session*

  - `order_by?: "first_seen_at" | "last_seen_at"`

    Query param: The field used to sort returned cookies.

    - `"first_seen_at"`

    - `"last_seen_at"`

  - `page?: string`

    Query param: The current page number of the paginated results.

    We additionally support a special value "all". When "all" is used, the API will return all the cookies
    with the applied filters in a single page. This feature is best-effort and it may only work for zones with
    a low number of cookies

  - `page_url?: string`

    Query param: Includes connections that match one or more page URLs (separated by commas) where they were last seen

    Wildcards are supported at the start and end of each page URL to support starts with, ends with
    and contains. If no wildcards are used, results will be filtered by exact match

  - `path_?: string`

    Query param: Filters the returned cookies that match the specified path attribute

  - `per_page?: number`

    Query param: The number of results per page.

  - `same_site?: "lax" | "strict" | "none"`

    Query param: Filters the returned cookies that match the specified same_site attribute

    - `"lax"`

    - `"strict"`

    - `"none"`

  - `secure?: boolean`

    Query param: Filters the returned cookies that are set with Secure

  - `type?: "first_party" | "unknown"`

    Query param: Filters the returned cookies that match the specified type attribute

    - `"first_party"`

    - `"unknown"`

### Returns

- `CookieListResponse`

  - `id: string`

    Identifier

  - `first_seen_at: string`

  - `host: string`

  - `last_seen_at: string`

  - `name: string`

  - `type: "first_party" | "unknown"`

    - `"first_party"`

    - `"unknown"`

  - `domain_attribute?: string`

  - `expires_attribute?: string`

  - `http_only_attribute?: boolean`

  - `max_age_attribute?: number`

  - `page_urls?: Array<string>`

  - `path_attribute?: string`

  - `same_site_attribute?: "lax" | "strict" | "none"`

    - `"lax"`

    - `"strict"`

    - `"none"`

  - `secure_attribute?: boolean`

### Example

```node
import Cloudflare from 'cloudflare';

const client = new Cloudflare({
  apiEmail: process.env['CLOUDFLARE_EMAIL'], // This is the default and can be omitted
  apiKey: process.env['CLOUDFLARE_API_KEY'], // This is the default and can be omitted
});

// Automatically fetches more pages as needed.
for await (const cookieListResponse of client.pageShield.cookies.list({
  zone_id: '023e105f4ecef8ad9ca31a8372d0c353',
})) {
  console.log(cookieListResponse.id);
}
```

#### Response

```json
{
  "result": [
    {
      "id": "023e105f4ecef8ad9ca31a8372d0c353",
      "first_seen_at": "2021-08-18T10:51:08Z",
      "host": "blog.cloudflare.com",
      "last_seen_at": "2021-09-02T09:57:54Z",
      "name": "session_id",
      "type": "first_party",
      "domain_attribute": "cloudflare.com",
      "expires_attribute": "2021-10-02T09:57:54Z",
      "http_only_attribute": true,
      "max_age_attribute": 3600,
      "page_urls": [
        "blog.cloudflare.com/page1",
        "blog.cloudflare.com/page2"
      ],
      "path_attribute": "/",
      "same_site_attribute": "strict",
      "secure_attribute": true
    }
  ],
  "result_info": {
    "count": 1,
    "page": 1,
    "per_page": 20,
    "total_count": 2000,
    "total_pages": 100
  },
  "success": true,
  "errors": [
    {
      "code": 1000,
      "message": "message",
      "documentation_url": "documentation_url",
      "source": {
        "pointer": "pointer"
      }
    }
  ],
  "messages": [
    {
      "code": 1000,
      "message": "message",
      "documentation_url": "documentation_url",
      "source": {
        "pointer": "pointer"
      }
    }
  ]
}
```

## Get a Page Shield cookie

`client.pageShield.cookies.get(stringcookieId, CookieGetParamsparams, RequestOptionsoptions?): CookieGetResponse | null`

**get** `/zones/{zone_id}/page_shield/cookies/{cookie_id}`

Fetches a cookie collected by Page Shield by cookie ID.

### Parameters

- `cookieId: string`

  Identifier

- `params: CookieGetParams`

  - `zone_id: string`

    Identifier

### Returns

- `CookieGetResponse`

  - `id: string`

    Identifier

  - `first_seen_at: string`

  - `host: string`

  - `last_seen_at: string`

  - `name: string`

  - `type: "first_party" | "unknown"`

    - `"first_party"`

    - `"unknown"`

  - `domain_attribute?: string`

  - `expires_attribute?: string`

  - `http_only_attribute?: boolean`

  - `max_age_attribute?: number`

  - `page_urls?: Array<string>`

  - `path_attribute?: string`

  - `same_site_attribute?: "lax" | "strict" | "none"`

    - `"lax"`

    - `"strict"`

    - `"none"`

  - `secure_attribute?: boolean`

### Example

```node
import Cloudflare from 'cloudflare';

const client = new Cloudflare({
  apiEmail: process.env['CLOUDFLARE_EMAIL'], // This is the default and can be omitted
  apiKey: process.env['CLOUDFLARE_API_KEY'], // This is the default and can be omitted
});

const cookie = await client.pageShield.cookies.get('023e105f4ecef8ad9ca31a8372d0c353', {
  zone_id: '023e105f4ecef8ad9ca31a8372d0c353',
});

console.log(cookie.id);
```

#### Response

```json
{
  "result": {
    "id": "023e105f4ecef8ad9ca31a8372d0c353",
    "first_seen_at": "2021-08-18T10:51:08Z",
    "host": "blog.cloudflare.com",
    "last_seen_at": "2021-09-02T09:57:54Z",
    "name": "session_id",
    "type": "first_party",
    "domain_attribute": "cloudflare.com",
    "expires_attribute": "2021-10-02T09:57:54Z",
    "http_only_attribute": true,
    "max_age_attribute": 3600,
    "page_urls": [
      "blog.cloudflare.com/page1",
      "blog.cloudflare.com/page2"
    ],
    "path_attribute": "/",
    "same_site_attribute": "strict",
    "secure_attribute": true
  },
  "success": true,
  "errors": [
    {
      "code": 1000,
      "message": "message",
      "documentation_url": "documentation_url",
      "source": {
        "pointer": "pointer"
      }
    }
  ],
  "messages": [
    {
      "code": 1000,
      "message": "message",
      "documentation_url": "documentation_url",
      "source": {
        "pointer": "pointer"
      }
    }
  ]
}
```

## Domain Types

### Cookie List Response

- `CookieListResponse`

  - `id: string`

    Identifier

  - `first_seen_at: string`

  - `host: string`

  - `last_seen_at: string`

  - `name: string`

  - `type: "first_party" | "unknown"`

    - `"first_party"`

    - `"unknown"`

  - `domain_attribute?: string`

  - `expires_attribute?: string`

  - `http_only_attribute?: boolean`

  - `max_age_attribute?: number`

  - `page_urls?: Array<string>`

  - `path_attribute?: string`

  - `same_site_attribute?: "lax" | "strict" | "none"`

    - `"lax"`

    - `"strict"`

    - `"none"`

  - `secure_attribute?: boolean`

### Cookie Get Response

- `CookieGetResponse`

  - `id: string`

    Identifier

  - `first_seen_at: string`

  - `host: string`

  - `last_seen_at: string`

  - `name: string`

  - `type: "first_party" | "unknown"`

    - `"first_party"`

    - `"unknown"`

  - `domain_attribute?: string`

  - `expires_attribute?: string`

  - `http_only_attribute?: boolean`

  - `max_age_attribute?: number`

  - `page_urls?: Array<string>`

  - `path_attribute?: string`

  - `same_site_attribute?: "lax" | "strict" | "none"`

    - `"lax"`

    - `"strict"`

    - `"none"`

  - `secure_attribute?: boolean`