API Reference

Copy Markdown

Open in Claude

Open in ChatGPT

Open in Cursor

---

Copy Markdown

View as Markdown

Page Shield

Page ShieldPolicies

resource cloudflare_page_shield_policy

required Expand Collapse

zone_id: String

Identifier

action: String

The action to take if the expression matches

description: String

A description for the policy

enabled: Bool

Whether the policy is enabled

expression: String

The expression which must match for the policy to be applied, using the Cloudflare Firewall rule expression syntax

value: String

The policy which will be applied

computed Expand Collapse

id: String

Identifier

cloudflare_page_shield_policy

Terraform

HTTP

TypeScript

Python

Go

Terraform

resource "cloudflare_page_shield_policy" "example_page_shield_policy" {
  zone_id = "023e105f4ecef8ad9ca31a8372d0c353"
  action = "allow"
  description = "Checkout page CSP policy"
  enabled = true
  expression = "ends_with(http.request.uri.path, \"/checkout\")"
  value = "script-src \'none\';"
}

data cloudflare_page_shield_policy

required Expand Collapse

policy_id: String

Identifier

zone_id: String

Identifier

computed Expand Collapse

id: String

Identifier

action: String

The action to take if the expression matches

description: String

A description for the policy

enabled: Bool

Whether the policy is enabled

expression: String

The expression which must match for the policy to be applied, using the Cloudflare Firewall rule expression syntax

value: String

The policy which will be applied

cloudflare_page_shield_policy

Terraform

HTTP

TypeScript

Python

Go

Terraform

data "cloudflare_page_shield_policy" "example_page_shield_policy" {
  zone_id = "023e105f4ecef8ad9ca31a8372d0c353"
  policy_id = "023e105f4ecef8ad9ca31a8372d0c353"
}

data cloudflare_page_shield_policies

required Expand Collapse

zone_id: String

Identifier

optional Expand Collapse

max_items?: Int64

Max items to fetch, default: 1000

computed Expand Collapse

result: List[Attributes]

The items returned by the data source

id: String

Identifier

action: String

The action to take if the expression matches

description: String

A description for the policy

enabled: Bool

Whether the policy is enabled

expression: String

The expression which must match for the policy to be applied, using the Cloudflare Firewall rule expression syntax

value: String

The policy which will be applied

cloudflare_page_shield_policies

Terraform

HTTP

TypeScript

Python

Go

Terraform

data "cloudflare_page_shield_policies" "example_page_shield_policies" {
  zone_id = "023e105f4ecef8ad9ca31a8372d0c353"
}

Page ShieldConnections

data cloudflare_page_shield_connections

required Expand Collapse

connection_id: String

Identifier

zone_id: String

Identifier

computed Expand Collapse

added_at: Time

domain_reported_malicious: Bool

first_page_url: String

first_seen_at: Time

host: String

id: String

Identifier

last_seen_at: Time

url: String

url_contains_cdn_cgi_path: Bool

url_reported_malicious: Bool

malicious_domain_categories: List[String]

malicious_url_categories: List[String]

page_urls: List[String]

cloudflare_page_shield_connections

Terraform

HTTP

TypeScript

Python

Go

Terraform

data "cloudflare_page_shield_connections" "example_page_shield_connections" {
  zone_id = "023e105f4ecef8ad9ca31a8372d0c353"
  connection_id = "023e105f4ecef8ad9ca31a8372d0c353"
}

data cloudflare_page_shield_connections_list

required Expand Collapse

zone_id: String

Identifier

optional Expand Collapse

direction?: String

The direction used to sort returned connections.

exclude_cdn_cgi?: Bool

When true, excludes connections seen in a /cdn-cgi path from the returned connections. The default value is true.

exclude_urls?: String

Excludes connections whose URL contains one of the URL-encoded URLs separated by commas.

export?: String

Export the list of connections as a file, limited to 50000 entries.

hosts?: String

Includes connections that match one or more URL-encoded hostnames separated by commas.

Wildcards are supported at the start and end of each hostname to support starts with, ends with and contains. If no wildcards are used, results will be filtered by exact match

order_by?: String

The field used to sort returned connections.

page?: String

The current page number of the paginated results.

We additionally support a special value "all". When "all" is used, the API will return all the connections with the applied filters in a single page. This feature is best-effort and it may only work for zones with a low number of connections

page_url?: String

Includes connections that match one or more page URLs (separated by commas) where they were last seen

Wildcards are supported at the start and end of each page URL to support starts with, ends with and contains. If no wildcards are used, results will be filtered by exact match

per_page?: Float64

The number of results per page.

prioritize_malicious?: Bool

When true, malicious connections appear first in the returned connections.

status?: String

Filters the returned connections using a comma-separated list of connection statuses. Accepted values: active, infrequent, and inactive. The default value is active.

urls?: String

Includes connections whose URL contain one or more URL-encoded URLs separated by commas.

max_items?: Int64

Max items to fetch, default: 1000

computed Expand Collapse

result: List[Attributes]

The items returned by the data source

id: String

Identifier

added_at: Time

first_seen_at: Time

host: String

last_seen_at: Time

url: String

url_contains_cdn_cgi_path: Bool

domain_reported_malicious: Bool

first_page_url: String

malicious_domain_categories: List[String]

malicious_url_categories: List[String]

page_urls: List[String]

url_reported_malicious: Bool

cloudflare_page_shield_connections_list

Terraform

HTTP

TypeScript

Python

Go

Terraform

data "cloudflare_page_shield_connections_list" "example_page_shield_connections_list" {
  zone_id = "023e105f4ecef8ad9ca31a8372d0c353"
  direction = "asc"
  exclude_cdn_cgi = true
  exclude_urls = "blog.cloudflare.com,www.example"
  export = "csv"
  hosts = "blog.cloudflare.com,www.example*,*cloudflare.com"
  order_by = "first_seen_at"
  page = "2"
  page_url = "example.com/page,*/checkout,example.com/*,*checkout*"
  per_page = 100
  prioritize_malicious = true
  status = "active,inactive"
  urls = "blog.cloudflare.com,www.example"
}

Page ShieldScripts

data cloudflare_page_shield_scripts

required Expand Collapse

script_id: String

Identifier

zone_id: String

Identifier

computed Expand Collapse

added_at: Time

cryptomining_score: Int64

The cryptomining score of the JavaScript content.

Deprecateddataflow_score: Int64

The dataflow score of the JavaScript content. This field has been deprecated in favour of js_integrity_score.

domain_reported_malicious: Bool

fetched_at: String

The timestamp of when the script was last fetched.

first_page_url: String

first_seen_at: Time

hash: String

The computed hash of the analyzed script.

host: String

id: String

Identifier

js_integrity_score: Int64

The integrity score of the JavaScript content.

last_seen_at: Time

magecart_score: Int64

The magecart score of the JavaScript content.

malware_score: Int64

The malware score of the JavaScript content.

Deprecatedobfuscation_score: Int64

The obfuscation score of the JavaScript content. This field has been deprecated in favour of js_integrity_score.

url: String

url_contains_cdn_cgi_path: Bool

url_reported_malicious: Bool

malicious_domain_categories: List[String]

malicious_url_categories: List[String]

page_urls: List[String]

versions: List[Attributes]

cryptomining_score: Int64

The cryptomining score of the JavaScript content.

Deprecateddataflow_score: Int64

The dataflow score of the JavaScript content. This field has been deprecated in favour of js_integrity_score.

fetched_at: String

The timestamp of when the script was last fetched.

hash: String

The computed hash of the analyzed script.

js_integrity_score: Int64

The integrity score of the JavaScript content.

magecart_score: Int64

The magecart score of the JavaScript content.

malware_score: Int64

The malware score of the JavaScript content.

Deprecatedobfuscation_score: Int64

The obfuscation score of the JavaScript content. This field has been deprecated in favour of js_integrity_score.

cloudflare_page_shield_scripts

Terraform

HTTP

TypeScript

Python

Go

Terraform

data "cloudflare_page_shield_scripts" "example_page_shield_scripts" {
  zone_id = "023e105f4ecef8ad9ca31a8372d0c353"
  script_id = "023e105f4ecef8ad9ca31a8372d0c353"
}

data cloudflare_page_shield_scripts_list

required Expand Collapse

zone_id: String

Identifier

optional Expand Collapse

direction?: String

The direction used to sort returned scripts.

exclude_urls?: String

Excludes scripts whose URL contains one of the URL-encoded URLs separated by commas.

export?: String

Export the list of scripts as a file, limited to 50000 entries.

hosts?: String

Includes scripts that match one or more URL-encoded hostnames separated by commas.

Wildcards are supported at the start and end of each hostname to support starts with, ends with and contains. If no wildcards are used, results will be filtered by exact match

order_by?: String

The field used to sort returned scripts.

page?: String

The current page number of the paginated results.

We additionally support a special value "all". When "all" is used, the API will return all the scripts with the applied filters in a single page. This feature is best-effort and it may only work for zones with a low number of scripts

page_url?: String

Includes scripts that match one or more page URLs (separated by commas) where they were last seen

Wildcards are supported at the start and end of each page URL to support starts with, ends with and contains. If no wildcards are used, results will be filtered by exact match

per_page?: Float64

The number of results per page.

prioritize_malicious?: Bool

When true, malicious scripts appear first in the returned scripts.

status?: String

Filters the returned scripts using a comma-separated list of scripts statuses. Accepted values: active, infrequent, and inactive. The default value is active.

urls?: String

Includes scripts whose URL contain one or more URL-encoded URLs separated by commas.

exclude_cdn_cgi?: Bool

When true, excludes scripts seen in a /cdn-cgi path from the returned scripts. The default value is true.

exclude_duplicates?: Bool

When true, excludes duplicate scripts. We consider a script duplicate of another if their javascript content matches and they share the same url host and zone hostname. In such case, we return the most recent script for the URL host and zone hostname combination.

max_items?: Int64

Max items to fetch, default: 1000

computed Expand Collapse

result: List[Attributes]

The items returned by the data source

id: String

Identifier

added_at: Time

first_seen_at: Time

host: String

last_seen_at: Time

url: String

url_contains_cdn_cgi_path: Bool

cryptomining_score: Int64

The cryptomining score of the JavaScript content.

Deprecateddataflow_score: Int64

The dataflow score of the JavaScript content. This field has been deprecated in favour of js_integrity_score.

domain_reported_malicious: Bool

fetched_at: String

The timestamp of when the script was last fetched.

first_page_url: String

hash: String

The computed hash of the analyzed script.

js_integrity_score: Int64

The integrity score of the JavaScript content.

magecart_score: Int64

The magecart score of the JavaScript content.

malicious_domain_categories: List[String]

malicious_url_categories: List[String]

malware_score: Int64

The malware score of the JavaScript content.

Deprecatedobfuscation_score: Int64

The obfuscation score of the JavaScript content. This field has been deprecated in favour of js_integrity_score.

page_urls: List[String]

url_reported_malicious: Bool

cloudflare_page_shield_scripts_list

Terraform

HTTP

TypeScript

Python

Go

Terraform

data "cloudflare_page_shield_scripts_list" "example_page_shield_scripts_list" {
  zone_id = "023e105f4ecef8ad9ca31a8372d0c353"
  direction = "asc"
  exclude_urls = "blog.cloudflare.com,www.example"
  export = "csv"
  hosts = "blog.cloudflare.com,www.example*,*cloudflare.com"
  order_by = "first_seen_at"
  page = "2"
  page_url = "example.com/page,*/checkout,example.com/*,*checkout*"
  per_page = 100
  prioritize_malicious = true
  status = "active,inactive"
  urls = "blog.cloudflare.com,www.example"
}

Page ShieldCookies

data cloudflare_page_shield_cookies

required Expand Collapse

cookie_id: String

Identifier

zone_id: String

Identifier

computed Expand Collapse

domain_attribute: String

expires_attribute: Time

first_seen_at: Time

host: String

http_only_attribute: Bool

id: String

Identifier

last_seen_at: Time

max_age_attribute: Int64

name: String

path_attribute: String

same_site_attribute: String

secure_attribute: Bool

type: String

page_urls: List[String]

cloudflare_page_shield_cookies

Terraform

HTTP

TypeScript

Python

Go

Terraform

data "cloudflare_page_shield_cookies" "example_page_shield_cookies" {
  zone_id = "023e105f4ecef8ad9ca31a8372d0c353"
  cookie_id = "023e105f4ecef8ad9ca31a8372d0c353"
}

data cloudflare_page_shield_cookies_list

required Expand Collapse

zone_id: String

Identifier

optional Expand Collapse

direction?: String

The direction used to sort returned cookies.'

domain?: String

Filters the returned cookies that match the specified domain attribute

export?: String

Export the list of cookies as a file, limited to 50000 entries.

hosts?: String

Includes cookies that match one or more URL-encoded hostnames separated by commas.

Wildcards are supported at the start and end of each hostname to support starts with, ends with and contains. If no wildcards are used, results will be filtered by exact match

http_only?: Bool

Filters the returned cookies that are set with HttpOnly

name?: String

Filters the returned cookies that match the specified name. Wildcards are supported at the start and end to support starts with, ends with and contains. e.g. session*

order_by?: String

The field used to sort returned cookies.

page?: String

The current page number of the paginated results.

We additionally support a special value "all". When "all" is used, the API will return all the cookies with the applied filters in a single page. This feature is best-effort and it may only work for zones with a low number of cookies

page_url?: String

Includes connections that match one or more page URLs (separated by commas) where they were last seen

Wildcards are supported at the start and end of each page URL to support starts with, ends with and contains. If no wildcards are used, results will be filtered by exact match

path?: String

Filters the returned cookies that match the specified path attribute

per_page?: Float64

The number of results per page.

same_site?: String

Filters the returned cookies that match the specified same_site attribute

secure?: Bool

Filters the returned cookies that are set with Secure

type?: String

Filters the returned cookies that match the specified type attribute

max_items?: Int64

Max items to fetch, default: 1000

computed Expand Collapse

result: List[Attributes]

The items returned by the data source

id: String

Identifier

first_seen_at: Time

host: String

last_seen_at: Time

name: String

type: String

domain_attribute: String

expires_attribute: Time

http_only_attribute: Bool

max_age_attribute: Int64

page_urls: List[String]

path_attribute: String

same_site_attribute: String

secure_attribute: Bool

cloudflare_page_shield_cookies_list

Terraform

HTTP

TypeScript

Python

Go

Terraform

data "cloudflare_page_shield_cookies_list" "example_page_shield_cookies_list" {
  zone_id = "023e105f4ecef8ad9ca31a8372d0c353"
  direction = "asc"
  domain = "example.com"
  export = "csv"
  hosts = "blog.cloudflare.com,www.example*,*cloudflare.com"
  http_only = true
  name = "session_id"
  order_by = "first_seen_at"
  page = "2"
  page_url = "example.com/page,*/checkout,example.com/*,*checkout*"
  path = "/"
  per_page = 100
  same_site = "strict"
  secure = true
  type = "first_party"
}