public static interface CfnWebACL.XssMatchStatementProperty
In XSS attacks, the attacker uses vulnerabilities in a benign website as a vehicle to inject malicious client-site scripts into other legitimate web browsers.
Example:
// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import software.amazon.awscdk.services.wafv2.*;
Object all;
Object allQueryArguments;
Object method;
Object queryString;
Object singleHeader;
Object singleQueryArgument;
Object uriPath;
XssMatchStatementProperty xssMatchStatementProperty = XssMatchStatementProperty.builder()
.fieldToMatch(FieldToMatchProperty.builder()
.allQueryArguments(allQueryArguments)
.body(BodyProperty.builder()
.oversizeHandling("oversizeHandling")
.build())
.cookies(CookiesProperty.builder()
.matchPattern(CookieMatchPatternProperty.builder()
.all(all)
.excludedCookies(List.of("excludedCookies"))
.includedCookies(List.of("includedCookies"))
.build())
.matchScope("matchScope")
.oversizeHandling("oversizeHandling")
.build())
.headers(HeadersProperty.builder()
.matchPattern(HeaderMatchPatternProperty.builder()
.all(all)
.excludedHeaders(List.of("excludedHeaders"))
.includedHeaders(List.of("includedHeaders"))
.build())
.matchScope("matchScope")
.oversizeHandling("oversizeHandling")
.build())
.jsonBody(JsonBodyProperty.builder()
.matchPattern(JsonMatchPatternProperty.builder()
.all(all)
.includedPaths(List.of("includedPaths"))
.build())
.matchScope("matchScope")
// the properties below are optional
.invalidFallbackBehavior("invalidFallbackBehavior")
.oversizeHandling("oversizeHandling")
.build())
.method(method)
.queryString(queryString)
.singleHeader(singleHeader)
.singleQueryArgument(singleQueryArgument)
.uriPath(uriPath)
.build())
.textTransformations(List.of(TextTransformationProperty.builder()
.priority(123)
.type("type")
.build()))
.build();
| Modifier and Type | Interface and Description |
|---|---|
static class |
CfnWebACL.XssMatchStatementProperty.Builder
A builder for
CfnWebACL.XssMatchStatementProperty |
static class |
CfnWebACL.XssMatchStatementProperty.Jsii$Proxy
An implementation for
CfnWebACL.XssMatchStatementProperty |
| Modifier and Type | Method and Description |
|---|---|
static CfnWebACL.XssMatchStatementProperty.Builder |
builder() |
java.lang.Object |
getFieldToMatch()
The part of the web request that you want AWS WAF to inspect.
|
java.lang.Object |
getTextTransformations()
Text transformations eliminate some of the unusual formatting that attackers use in web requests in an effort to bypass detection.
|
java.lang.Object getFieldToMatch()
java.lang.Object getTextTransformations()
If you specify one or more transformations in a rule statement, AWS WAF performs all transformations on the content of the request component identified by FieldToMatch , starting from the lowest priority setting, before inspecting the content for a match.
static CfnWebACL.XssMatchStatementProperty.Builder builder()