(http.host eq "example.com" and (
(starts_with(http.request.uri.path, "/api/info") and (
not (http.request.method eq "GET") or
not all(http.request.headers["authorization"][*] matches "^Bearer key-.+") or
not any(http.request.headers["authorization"][*] matches "^Bearer key-.+") or
not ssl
)) or
(starts_with(http.request.uri.path, "/api/new") and (
not (http.request.method eq "POST") or
not all(http.request.headers["authorization"][*] matches "^Bearer key-.+") or
not any(http.request.headers["authorization"][*] matches "^Bearer key-.+") or
not ssl
)) or
(starts_with(http.request.uri.path, "/api/delete") and (
not (http.request.method eq "POST") or
not all(http.request.headers["authorization"][*] matches "^Bearer key-.+") or
not any(http.request.headers["authorization"][*] matches "^Bearer key-.+") or
not ssl
))
))
(http.host eq "example.com" and (
(starts_with(http.request.uri.path, "/api/info") and (
not (http.request.method eq "GET") or
not all(http.request.headers["authorization"][*] matches "^Bearer key-.+") or
not any(http.request.headers["authorization"][*] matches "^Bearer key-.+") or
not ssl
)) or
(starts_with(http.request.uri.path, "/api/new") and (
not (http.request.method eq "POST") or
not all(http.request.headers["authorization"][*] matches "^Bearer key-.+") or
not any(http.request.headers["authorization"][*] matches "^Bearer key-.+") or
not ssl
)) or
(starts_with(http.request.uri.path, "/api/delete") and (
not (http.request.method eq "POST") or
not all(http.request.headers["authorization"][*] matches "^Bearer key-.+") or
not any(http.request.headers["authorization"][*] matches "^Bearer key-.+") or
not ssl
))
))
