public static interface CfnWebACL.XssMatchStatementProperty
In XSS attacks, the attacker uses vulnerabilities in a benign website as a vehicle to inject malicious client-site scripts into other legitimate web browsers.
Example:
// The code below shows an example of how to instantiate this type. // The values are placeholders you should change. import software.amazon.awscdk.services.wafv2.*; Object all; Object allQueryArguments; Object method; Object queryString; Object singleHeader; Object singleQueryArgument; Object uriPath; XssMatchStatementProperty xssMatchStatementProperty = XssMatchStatementProperty.builder() .fieldToMatch(FieldToMatchProperty.builder() .allQueryArguments(allQueryArguments) .body(BodyProperty.builder() .oversizeHandling("oversizeHandling") .build()) .cookies(CookiesProperty.builder() .matchPattern(CookieMatchPatternProperty.builder() .all(all) .excludedCookies(List.of("excludedCookies")) .includedCookies(List.of("includedCookies")) .build()) .matchScope("matchScope") .oversizeHandling("oversizeHandling") .build()) .headers(HeadersProperty.builder() .matchPattern(HeaderMatchPatternProperty.builder() .all(all) .excludedHeaders(List.of("excludedHeaders")) .includedHeaders(List.of("includedHeaders")) .build()) .matchScope("matchScope") .oversizeHandling("oversizeHandling") .build()) .jsonBody(JsonBodyProperty.builder() .matchPattern(JsonMatchPatternProperty.builder() .all(all) .includedPaths(List.of("includedPaths")) .build()) .matchScope("matchScope") // the properties below are optional .invalidFallbackBehavior("invalidFallbackBehavior") .oversizeHandling("oversizeHandling") .build()) .method(method) .queryString(queryString) .singleHeader(singleHeader) .singleQueryArgument(singleQueryArgument) .uriPath(uriPath) .build()) .textTransformations(List.of(TextTransformationProperty.builder() .priority(123) .type("type") .build())) .build();
Modifier and Type | Interface and Description |
---|---|
static class |
CfnWebACL.XssMatchStatementProperty.Builder
A builder for
CfnWebACL.XssMatchStatementProperty |
static class |
CfnWebACL.XssMatchStatementProperty.Jsii$Proxy
An implementation for
CfnWebACL.XssMatchStatementProperty |
Modifier and Type | Method and Description |
---|---|
static CfnWebACL.XssMatchStatementProperty.Builder |
builder() |
java.lang.Object |
getFieldToMatch()
The part of the web request that you want AWS WAF to inspect.
|
java.lang.Object |
getTextTransformations()
Text transformations eliminate some of the unusual formatting that attackers use in web requests in an effort to bypass detection.
|
java.lang.Object getFieldToMatch()
java.lang.Object getTextTransformations()
If you specify one or more transformations in a rule statement, AWS WAF performs all transformations on the content of the request component identified by FieldToMatch
, starting from the lowest priority setting, before inspecting the content for a match.
static CfnWebACL.XssMatchStatementProperty.Builder builder()