AWS services or capabilities described in AWS Documentation may vary by region/location. Click Getting Started with Amazon AWS to see specific differences applicable to the China (Beijing) Region.
Specifies the part of a web request that you want AWS WAF to inspect for cross-site scripting attacks and, if you want AWS WAF to inspect a header, the name of the header.
public class XssMatchTuple
The XssMatchTuple type exposes the following members
Gets and sets the property FieldToMatch.
Specifies where in a web request to look for cross-site scripting attacks.
Gets and sets the property TextTransformation.
Text transformations eliminate some of the unusual formatting that attackers use in
web requests in an effort to bypass AWS WAF. If you specify a transformation, AWS
WAF performs the transformation on
When you're concerned that attackers are injecting an operating system commandline command and using unusual formatting to disguise some or all of the command, use this option to perform the following transformations:
Use this option to replace the following characters with a space character (decimal 32):
Use this option to replace HTML-encoded characters with unencoded characters.
Use this option to convert uppercase letters (A-Z) to lowercase (a-z).
Use this option to decode a URL-encoded value.
Supported in: 1.3
Supported in: 4.5, 4.0, 3.5
Portable Class Library:
Supported in: Windows Store Apps
Supported in: Windows Phone 8.1
Supported in: Xamarin Android
Supported in: Xamarin iOS (Unified)
Supported in: Xamarin.Forms