aws-cdk-lib.aws_wafv2.CfnRuleGroup.XssMatchStatementProperty

interface XssMatchStatementProperty

LanguageType name
.NETAmazon.CDK.AWS.WAFv2.CfnRuleGroup.XssMatchStatementProperty
Gogithub.com/aws/aws-cdk-go/awscdk/v2/awswafv2#CfnRuleGroup_XssMatchStatementProperty
Javasoftware.amazon.awscdk.services.wafv2.CfnRuleGroup.XssMatchStatementProperty
Pythonaws_cdk.aws_wafv2.CfnRuleGroup.XssMatchStatementProperty
TypeScript aws-cdk-lib » aws_wafv2 » CfnRuleGroup » XssMatchStatementProperty

A rule statement that inspects for cross-site scripting (XSS) attacks.

In XSS attacks, the attacker uses vulnerabilities in a benign website as a vehicle to inject malicious client-site scripts into other legitimate web browsers.

Example

// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import { aws_wafv2 as wafv2 } from 'aws-cdk-lib';

declare const all: any;
declare const allQueryArguments: any;
declare const method: any;
declare const queryString: any;
declare const singleHeader: any;
declare const singleQueryArgument: any;
declare const uriPath: any;
const xssMatchStatementProperty: wafv2.CfnRuleGroup.XssMatchStatementProperty = {
  fieldToMatch: {
    allQueryArguments: allQueryArguments,
    body: {
      oversizeHandling: 'oversizeHandling',
    },
    cookies: {
      matchPattern: {
        all: all,
        excludedCookies: ['excludedCookies'],
        includedCookies: ['includedCookies'],
      },
      matchScope: 'matchScope',
      oversizeHandling: 'oversizeHandling',
    },
    headers: {
      matchPattern: {
        all: all,
        excludedHeaders: ['excludedHeaders'],
        includedHeaders: ['includedHeaders'],
      },
      matchScope: 'matchScope',
      oversizeHandling: 'oversizeHandling',
    },
    jsonBody: {
      matchPattern: {
        all: all,
        includedPaths: ['includedPaths'],
      },
      matchScope: 'matchScope',

      // the properties below are optional
      invalidFallbackBehavior: 'invalidFallbackBehavior',
      oversizeHandling: 'oversizeHandling',
    },
    method: method,
    queryString: queryString,
    singleHeader: singleHeader,
    singleQueryArgument: singleQueryArgument,
    uriPath: uriPath,
  },
  textTransformations: [{
    priority: 123,
    type: 'type',
  }],
};

Properties

NameTypeDescription
fieldToMatchIResolvable | FieldToMatchPropertyThe part of the web request that you want AWS WAF to inspect.
textTransformationsIResolvable | IResolvable | TextTransformationProperty[]Text transformations eliminate some of the unusual formatting that attackers use in web requests in an effort to bypass detection.

fieldToMatch

Type: IResolvable | FieldToMatchProperty

The part of the web request that you want AWS WAF to inspect.


textTransformations

Type: IResolvable | IResolvable | TextTransformationProperty[]

Text transformations eliminate some of the unusual formatting that attackers use in web requests in an effort to bypass detection.

If you specify one or more transformations in a rule statement, AWS WAF performs all transformations on the content of the request component identified by FieldToMatch , starting from the lowest priority setting, before inspecting the content for a match.