Skip to content
Cloudflare API
Start here
API Reference
Page Shield

Scripts

data cloudflare_page_shield_scripts

required Expand Collapse
script_id: String

Identifier

zone_id: String

Identifier

computed Expand Collapse
added_at: Time
cryptomining_score: Int64

The cryptomining score of the JavaScript content.

Deprecateddataflow_score: Int64

The dataflow score of the JavaScript content. This field has been deprecated in favour of js_integrity_score.

domain_reported_malicious: Bool
fetched_at: String

The timestamp of when the script was last fetched.

first_page_url: String
first_seen_at: Time
hash: String

The computed hash of the analyzed script.

host: String
id: String

Identifier

js_integrity_score: Int64

The integrity score of the JavaScript content.

last_seen_at: Time
magecart_score: Int64

The magecart score of the JavaScript content.

malware_score: Int64

The malware score of the JavaScript content.

Deprecatedobfuscation_score: Int64

The obfuscation score of the JavaScript content. This field has been deprecated in favour of js_integrity_score.

url: String
url_contains_cdn_cgi_path: Bool
url_reported_malicious: Bool
malicious_domain_categories: List[String]
malicious_url_categories: List[String]
page_urls: List[String]
versions: List[Attributes]
cryptomining_score: Int64

The cryptomining score of the JavaScript content.

Deprecateddataflow_score: Int64

The dataflow score of the JavaScript content. This field has been deprecated in favour of js_integrity_score.

fetched_at: String

The timestamp of when the script was last fetched.

hash: String

The computed hash of the analyzed script.

js_integrity_score: Int64

The integrity score of the JavaScript content.

magecart_score: Int64

The magecart score of the JavaScript content.

malware_score: Int64

The malware score of the JavaScript content.

Deprecatedobfuscation_score: Int64

The obfuscation score of the JavaScript content. This field has been deprecated in favour of js_integrity_score.

cloudflare_page_shield_scripts

data "cloudflare_page_shield_scripts" "example_page_shield_scripts" {
  zone_id = "023e105f4ecef8ad9ca31a8372d0c353"
  script_id = "023e105f4ecef8ad9ca31a8372d0c353"
}

data cloudflare_page_shield_scripts_list

required Expand Collapse
zone_id: String

Identifier

optional Expand Collapse
direction?: String

The direction used to sort returned scripts.

exclude_urls?: String

Excludes scripts whose URL contains one of the URL-encoded URLs separated by commas.

export?: String

Export the list of scripts as a file, limited to 50000 entries.

hosts?: String

Includes scripts that match one or more URL-encoded hostnames separated by commas.

Wildcards are supported at the start and end of each hostname to support starts with, ends with and contains. If no wildcards are used, results will be filtered by exact match

order_by?: String

The field used to sort returned scripts.

page?: String

The current page number of the paginated results.

We additionally support a special value "all". When "all" is used, the API will return all the scripts with the applied filters in a single page. This feature is best-effort and it may only work for zones with a low number of scripts

page_url?: String

Includes scripts that match one or more page URLs (separated by commas) where they were last seen

Wildcards are supported at the start and end of each page URL to support starts with, ends with and contains. If no wildcards are used, results will be filtered by exact match

per_page?: Float64

The number of results per page.

prioritize_malicious?: Bool

When true, malicious scripts appear first in the returned scripts.

status?: String

Filters the returned scripts using a comma-separated list of scripts statuses. Accepted values: active, infrequent, and inactive. The default value is active.

urls?: String

Includes scripts whose URL contain one or more URL-encoded URLs separated by commas.

exclude_cdn_cgi?: Bool

When true, excludes scripts seen in a /cdn-cgi path from the returned scripts. The default value is true.

exclude_duplicates?: Bool

When true, excludes duplicate scripts. We consider a script duplicate of another if their javascript content matches and they share the same url host and zone hostname. In such case, we return the most recent script for the URL host and zone hostname combination.

max_items?: Int64

Max items to fetch, default: 1000

computed Expand Collapse
result: List[Attributes]

The items returned by the data source

id: String

Identifier

added_at: Time
first_seen_at: Time
host: String
last_seen_at: Time
url: String
url_contains_cdn_cgi_path: Bool
cryptomining_score: Int64

The cryptomining score of the JavaScript content.

Deprecateddataflow_score: Int64

The dataflow score of the JavaScript content. This field has been deprecated in favour of js_integrity_score.

domain_reported_malicious: Bool
fetched_at: String

The timestamp of when the script was last fetched.

first_page_url: String
hash: String

The computed hash of the analyzed script.

js_integrity_score: Int64

The integrity score of the JavaScript content.

magecart_score: Int64

The magecart score of the JavaScript content.

malicious_domain_categories: List[String]
malicious_url_categories: List[String]
malware_score: Int64

The malware score of the JavaScript content.

Deprecatedobfuscation_score: Int64

The obfuscation score of the JavaScript content. This field has been deprecated in favour of js_integrity_score.

page_urls: List[String]
url_reported_malicious: Bool

cloudflare_page_shield_scripts_list

data "cloudflare_page_shield_scripts_list" "example_page_shield_scripts_list" {
  zone_id = "023e105f4ecef8ad9ca31a8372d0c353"
  direction = "asc"
  exclude_urls = "blog.cloudflare.com,www.example"
  export = "csv"
  hosts = "blog.cloudflare.com,www.example*,*cloudflare.com"
  order_by = "first_seen_at"
  page = "2"
  page_url = "example.com/page,*/checkout,example.com/*,*checkout*"
  per_page = 100
  prioritize_malicious = true
  status = "active,inactive"
  urls = "blog.cloudflare.com,www.example"
}