ResponseHeadersPolicyXSSProtection
Determines whether CloudFront includes the X-XSS-Protection HTTP response
header and the header's value.
For more information about the X-XSS-Protection HTTP response header, see
X-XSS-Protection
Contents
- Override
-
A Boolean that determines whether CloudFront overrides the
X-XSS-ProtectionHTTP response header received from the origin with the one specified in this response headers policy.Type: Boolean
Required: Yes
- Protection
-
A Boolean that determines the value of the
X-XSS-ProtectionHTTP response header. When this setting istrue, the value of theX-XSS-Protectionheader is1. When this setting isfalse, the value of theX-XSS-Protectionheader is0.For more information about these settings, see X-XSS-Protection
in the MDN Web Docs. Type: Boolean
Required: Yes
- ModeBlock
-
A Boolean that determines whether CloudFront includes the
mode=blockdirective in theX-XSS-Protectionheader.For more information about this directive, see X-XSS-Protection
in the MDN Web Docs. Type: Boolean
Required: No
- ReportUri
-
A reporting URI, which CloudFront uses as the value of the
reportdirective in theX-XSS-Protectionheader.You cannot specify a
ReportUriwhenModeBlockistrue.For more information about using a reporting URL, see X-XSS-Protection
in the MDN Web Docs. Type: String
Required: No
See Also
For more information about using this API in one of the language-specific AWS SDKs, see the following:
