Interface CfnWebACL.IJsonBodyProperty
Inspect the body of the web request as JSON. The body immediately follows the request headers.
Namespace: Amazon.CDK.AWS.WAFv2
Assembly: Amazon.CDK.Lib.dll
Syntax (csharp)
public interface CfnWebACL.IJsonBodyPropertySyntax (vb)
Public Interface CfnWebACL.IJsonBodyPropertyRemarks
This is used to indicate the web request component to inspect, in the FieldToMatch specification.
Use the specifications in this object to indicate which parts of the JSON body to inspect using the rule's inspection criteria. AWS WAF inspects only the parts of the JSON that result from the matches that you indicate.
Example JSON: "JsonBody": { "MatchPattern": { "All": {} }, "MatchScope": "ALL" }
For additional information about this request component option, see JSON body in the AWS WAF Developer Guide .
ExampleMetadata: fixture=_generated
Examples
// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
using Amazon.CDK.AWS.WAFv2;
var all;
var jsonBodyProperty = new JsonBodyProperty {
MatchPattern = new JsonMatchPatternProperty {
All = all,
IncludedPaths = new [] { "includedPaths" }
},
MatchScope = "matchScope",
// the properties below are optional
InvalidFallbackBehavior = "invalidFallbackBehavior",
OversizeHandling = "oversizeHandling"
};Synopsis
Properties
| InvalidFallbackBehavior | What AWS WAF should do if it fails to completely parse the JSON body. The options are the following:. |
| MatchPattern | The patterns to look for in the JSON body. |
| MatchScope | The parts of the JSON to match against using the |
| OversizeHandling | What AWS WAF should do if the body is larger than AWS WAF can inspect. |
Properties
InvalidFallbackBehavior
What AWS WAF should do if it fails to completely parse the JSON body. The options are the following:.
string? InvalidFallbackBehavior { get; }Property Value
Remarks
If you don't provide this setting, AWS WAF parses and evaluates the content only up to the first parsing failure that it encounters.
AWS WAF parsing doesn't fully validate the input JSON string, so parsing can succeed even for invalid JSON. When parsing succeeds, AWS WAF doesn't apply the fallback behavior. For more information, see <a href="https://docs.aws.amazon.com/waf/latest/developerguide/waf-rule-statement-fields-list.html#waf-rule-statement-request-component-json-body">JSON body</a> in the <em>AWS WAF Developer Guide</em> .
MatchPattern
The patterns to look for in the JSON body.
object MatchPattern { get; }Property Value
Remarks
AWS WAF inspects the results of these pattern matches against the rule inspection criteria.
Type union: either IResolvable or CfnWebACL.IJsonMatchPatternProperty
MatchScope
The parts of the JSON to match against using the MatchPattern .
string MatchScope { get; }Property Value
Remarks
If you specify ALL , AWS WAF matches against keys and values.
All does not require a match to be found in the keys and a match to be found in the values. It requires a match to be found in the keys or the values or both. To require a match in the keys and in the values, use a logical AND statement to combine two match rules, one that inspects the keys and another that inspects the values.
OversizeHandling
What AWS WAF should do if the body is larger than AWS WAF can inspect.
string? OversizeHandling { get; }Property Value
Remarks
AWS WAF does not support inspecting the entire contents of the web request body if the body exceeds the limit for the resource type. When a web request body is larger than the limit, the underlying host service only forwards the contents that are within the limit to AWS WAF for inspection.
The options for oversize handling are the following:
You can combine the MATCH or NO_MATCH settings for oversize handling with your rule and web ACL action settings, so that you block any request whose body is over the limit.
Default: CONTINUE