Class DesyncMitigationMode
How the load balancer handles requests that might pose a security risk to your application.
Inheritance
System.Object
DesyncMitigationMode
Namespace: Amazon.CDK.AWS.ElasticLoadBalancingV2
Assembly: Amazon.CDK.Lib.dll
Syntax (csharp)
public sealed class DesyncMitigationMode : Enum
Syntax (vb)
Public NotInheritable Class DesyncMitigationMode
Inherits
Enum
Remarks
ExampleMetadata: infused
Examples
Vpc vpc;
var lb = new ApplicationLoadBalancer(this, "LB", new ApplicationLoadBalancerProps {
Vpc = vpc,
InternetFacing = true,
// Whether HTTP/2 is enabled
Http2Enabled = false,
// The idle timeout value, in seconds
IdleTimeout = Duration.Seconds(1000),
// Whether HTTP headers with header fields thatare not valid
// are removed by the load balancer (true), or routed to targets
DropInvalidHeaderFields = true,
// How the load balancer handles requests that might
// pose a security risk to your application
DesyncMitigationMode = DesyncMitigationMode.DEFENSIVE,
// The type of IP addresses to use.
IpAddressType = IpAddressType.IPV4,
// The duration of client keep-alive connections
ClientKeepAlive = Duration.Seconds(500),
// Whether cross-zone load balancing is enabled.
CrossZoneEnabled = true,
// Whether the load balancer blocks traffic through the Internet Gateway (IGW).
DenyAllIgwTraffic = false,
// Whether to preserve host header in the request to the target
PreserveHostHeader = true,
// Whether to add the TLS information header to the request
XAmznTlsVersionAndCipherSuiteHeaders = true,
// Whether the X-Forwarded-For header should preserve the source port
PreserveXffClientPort = true,
// The processing mode for X-Forwarded-For headers
XffHeaderProcessingMode = XffHeaderProcessingMode.APPEND,
// Whether to allow a load balancer to route requests to targets if it is unable to forward the request to AWS WAF.
WafFailOpen = true
});
Synopsis
Fields
DEFENSIVE | Provides durable mitigation against HTTP desync while maintaining the availability of your application. |
MONITOR | Allows all traffic. |
STRICTEST | Receives only requests that comply with RFC 7230. |
value__ |
Fields
DEFENSIVE
Provides durable mitigation against HTTP desync while maintaining the availability of your application.
public const DesyncMitigationMode DEFENSIVE
Field Value
Type | Description |
---|---|
DesyncMitigationMode |
MONITOR
Allows all traffic.
public const DesyncMitigationMode MONITOR
Field Value
Type | Description |
---|---|
DesyncMitigationMode |
STRICTEST
Receives only requests that comply with RFC 7230.
public const DesyncMitigationMode STRICTEST
Field Value
Type | Description |
---|---|
DesyncMitigationMode |
value__
public int value__
Field Value
Type | Description |
---|---|
System.Int32 |