Interface CfnResponseHeadersPolicy.ISecurityHeadersConfigProperty
A configuration for a set of security-related HTTP response headers.
Namespace: Amazon.CDK.AWS.CloudFront
Assembly: Amazon.CDK.Lib.dll
Syntax (csharp)
public interface ISecurityHeadersConfigPropertySyntax (vb)
Public Interface ISecurityHeadersConfigPropertyRemarks
CloudFront adds these headers to HTTP responses that it sends for requests that match a cache behavior associated with this response headers policy.
ExampleMetadata: fixture=_generated
Examples
// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
using Amazon.CDK.AWS.CloudFront;
var securityHeadersConfigProperty = new SecurityHeadersConfigProperty {
ContentSecurityPolicy = new ContentSecurityPolicyProperty {
ContentSecurityPolicy = "contentSecurityPolicy",
Override = false
},
ContentTypeOptions = new ContentTypeOptionsProperty {
Override = false
},
FrameOptions = new FrameOptionsProperty {
FrameOption = "frameOption",
Override = false
},
ReferrerPolicy = new ReferrerPolicyProperty {
Override = false,
ReferrerPolicy = "referrerPolicy"
},
StrictTransportSecurity = new StrictTransportSecurityProperty {
AccessControlMaxAgeSec = 123,
Override = false,
// the properties below are optional
IncludeSubdomains = false,
Preload = false
},
XssProtection = new XSSProtectionProperty {
Override = false,
Protection = false,
// the properties below are optional
ModeBlock = false,
ReportUri = "reportUri"
}
};Synopsis
Properties
| Content |
The policy directives and their values that CloudFront includes as values for the |
| Content |
Determines whether CloudFront includes the |
| Frame |
Determines whether CloudFront includes the |
| Referrer |
Determines whether CloudFront includes the |
| Strict |
Determines whether CloudFront includes the |
| Xss |
Determines whether CloudFront includes the |
Properties
ContentSecurityPolicy
The policy directives and their values that CloudFront includes as values for the Content-Security-Policy HTTP response header.
virtual object ContentSecurityPolicy { get; }Property Value
System.
Remarks
For more information about the Content-Security-Policy HTTP response header, see Content-Security-Policy in the MDN Web Docs.
ContentTypeOptions
Determines whether CloudFront includes the X-Content-Type-Options HTTP response header with its value set to nosniff .
virtual object ContentTypeOptions { get; }Property Value
System.
Remarks
For more information about the X-Content-Type-Options HTTP response header, see X-Content-Type-Options in the MDN Web Docs.
FrameOptions
Determines whether CloudFront includes the X-Frame-Options HTTP response header and the header's value.
virtual object FrameOptions { get; }Property Value
System.
Remarks
For more information about the X-Frame-Options HTTP response header, see X-Frame-Options in the MDN Web Docs.
ReferrerPolicy
Determines whether CloudFront includes the Referrer-Policy HTTP response header and the header's value.
virtual object ReferrerPolicy { get; }Property Value
System.
Remarks
For more information about the Referrer-Policy HTTP response header, see Referrer-Policy in the MDN Web Docs.
StrictTransportSecurity
Determines whether CloudFront includes the Strict-Transport-Security HTTP response header and the header's value.
virtual object StrictTransportSecurity { get; }Property Value
System.
Remarks
For more information about the Strict-Transport-Security HTTP response header, see Security headers in the Amazon CloudFront Developer Guide and Strict-Transport-Security in the MDN Web Docs.
XssProtection
Determines whether CloudFront includes the X-XSS-Protection HTTP response header and the header's value.
virtual object XssProtection { get; }Property Value
System.
Remarks
For more information about the X-XSS-Protection HTTP response header, see X-XSS-Protection in the MDN Web Docs.