Web request components

This section describes the settings that you can specify for rule statements that inspect a component of the web request. For information on usage, see the individual rule statements.

For the request component settings, you need to specify the component type itself, and additional options that depend on the type. For example, if you choose a component type that contains text to be inspected, you can specify text transformations that you want AWS WAF to apply before evaluating your inspection criteria.

Unless otherwise noted, if a web request doesn't have the request component that's specified in the rule statement, the request results as not matching the rule.

Contents

Request component options
Oversize handling for request components
Text transformations

Warning Javascript is disabled or is unavailable in your browser.

To use the Amazon Web Services Documentation, Javascript must be enabled. Please refer to your browser's Help pages for instructions.

Document Conventions

XSS scripting attack

Request component options