Interface CfnResponseHeadersPolicy.IXSSProtectionProperty

Determines whether CloudFront includes the X-XSS-Protection HTTP response header and the header's value.

Namespace: Amazon.CDK.AWS.CloudFront

Assembly: Amazon.CDK.Lib.dll

Syntax (csharp)

public interface CfnResponseHeadersPolicy.IXSSProtectionProperty

Syntax (vb)

Public Interface CfnResponseHeadersPolicy.IXSSProtectionProperty

Remarks

For more information about the X-XSS-Protection HTTP response header, see X-XSS-Protection in the MDN Web Docs.

See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-cloudfront-responseheaderspolicy-xssprotection.html

ExampleMetadata: fixture=_generated

Examples

// The code below shows an example of how to instantiate this type.
             // The values are placeholders you should change.
             using Amazon.CDK.AWS.CloudFront;

             var xSSProtectionProperty = new XSSProtectionProperty {
                 Override = false,
                 Protection = false,

                 // the properties below are optional
                 ModeBlock = false,
                 ReportUri = "reportUri"
             };

Synopsis

Properties

ModeBlock	A Boolean that determines whether CloudFront includes the `mode=block` directive in the `X-XSS-Protection` header.
Override	A Boolean that determines whether CloudFront overrides the `X-XSS-Protection` HTTP response header received from the origin with the one specified in this response headers policy.
Protection	A Boolean that determines the value of the `X-XSS-Protection` HTTP response header.
ReportUri	A reporting URI, which CloudFront uses as the value of the `report` directive in the `X-XSS-Protection` header.

Properties

ModeBlock

A Boolean that determines whether CloudFront includes the mode=block directive in the X-XSS-Protection header.

object? ModeBlock { get; }

Property Value

object

Remarks

For more information about this directive, see X-XSS-Protection in the MDN Web Docs.

See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-cloudfront-responseheaderspolicy-xssprotection.html#cfn-cloudfront-responseheaderspolicy-xssprotection-modeblock

Type union: either bool or IResolvable

Override

A Boolean that determines whether CloudFront overrides the X-XSS-Protection HTTP response header received from the origin with the one specified in this response headers policy.

object Override { get; }

Property Value

object

Remarks

See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-cloudfront-responseheaderspolicy-xssprotection.html#cfn-cloudfront-responseheaderspolicy-xssprotection-override

Type union: either bool or IResolvable

Protection

A Boolean that determines the value of the X-XSS-Protection HTTP response header.

object Protection { get; }

Property Value

object

Remarks

When this setting is true , the value of the X-XSS-Protection header is 1 . When this setting is false , the value of the X-XSS-Protection header is 0 .

For more information about these settings, see X-XSS-Protection in the MDN Web Docs.

See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-cloudfront-responseheaderspolicy-xssprotection.html#cfn-cloudfront-responseheaderspolicy-xssprotection-protection

Type union: either bool or IResolvable

ReportUri

A reporting URI, which CloudFront uses as the value of the report directive in the X-XSS-Protection header.

string? ReportUri { get; }

Property Value

string

Remarks

You cannot specify a ReportUri when ModeBlock is true .

For more information about using a reporting URL, see X-XSS-Protection in the MDN Web Docs.

See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-cloudfront-responseheaderspolicy-xssprotection.html#cfn-cloudfront-responseheaderspolicy-xssprotection-reporturi