General considerations when using regular expressions

Before using the URL Regular Expression match with Cloudlets, consider the following:

  • There is a maximum processing cost per policy. Regular expressions have a very high processing cost, often 100 times more expensive than other match criteria. The actual number of rules processed per policy depends on the complexity of the regular expressions defined. You can exceed the maximum cost for the policy by as few as 50 to 100 regular expressions.
  • Only use regular expressions and capture groups if you need to extract a value and use it in either a redirect or a forward path. They add significant cost.
  • When using regular expressions, you can reduce the cost by constructing your rule to first match based on path or query string before matching on the regex. The path and query string matches both allow wildcards.
  • Don’t include the incoming protocol in the regex if the redirect path uses the same protocol. In the regex implementation for Cloudlets, the incoming protocol is included by default.

    For example, if your regex is ^https?://*)/ and \1://\2 is the redirect, you can use*) as the regex and\1 as the redirect instead.

  • As processing errors occur during runtime, the only way currently to determine whether your policy will exceed the maximum processing cost is through thorough testing. If you hit the maximum during testing, try making your regular expressions more efficient, and follow the best practices listed below.