XssMatchSet
Note
Deprecation notice: AWS WAF Classic support will end on September 30, 2025.
This is AWS WAF Classic documentation. For more information, see AWS WAF Classic in the developer guide.
For the latest version of AWS WAF , use the AWS WAFV2 API and see the AWS WAF Developer Guide. With the latest version, AWS WAF has a single set of endpoints for regional and global use.
A complex type that contains XssMatchTuple
objects, which specify the parts of web requests that you
want AWS WAF to inspect for cross-site scripting attacks and, if you want AWS WAF to inspect a header, the name of the header. If a
XssMatchSet
contains more than one XssMatchTuple
object, a request needs to
include cross-site scripting attacks in only one of the specified parts of the request to be considered a match.
Contents
- XssMatchSetId
-
A unique identifier for an
XssMatchSet
. You useXssMatchSetId
to get information about anXssMatchSet
(see GetXssMatchSet), update anXssMatchSet
(see UpdateXssMatchSet), insert anXssMatchSet
into aRule
or delete one from aRule
(see UpdateRule), and delete anXssMatchSet
from AWS WAF (see DeleteXssMatchSet).XssMatchSetId
is returned by CreateXssMatchSet and by ListXssMatchSets.Type: String
Length Constraints: Minimum length of 1. Maximum length of 128.
Pattern:
.*\S.*
Required: Yes
- XssMatchTuples
-
Specifies the parts of web requests that you want to inspect for cross-site scripting attacks.
Type: Array of XssMatchTuple objects
Required: Yes
- Name
-
The name, if any, of the
XssMatchSet
.Type: String
Length Constraints: Minimum length of 1. Maximum length of 128.
Pattern:
.*\S.*
Required: No
See Also
For more information about using this API in one of the language-specific AWS SDKs, see the following: