HeaderOrder
Inspect a string containing the list of the request's header names, ordered as they appear in the web request
that Amazon WAF receives for inspection.
Amazon WAF generates the string and then uses that as the field to match component in its inspection.
Amazon WAF separates the header names in the string using colons and no added spaces, for example host:user-agent:accept:authorization:referer
.
Contents
- OversizeHandling
-
What Amazon WAF should do if the headers of the request are more numerous or larger than Amazon WAF can inspect. Amazon WAF does not support inspecting the entire contents of request headers when they exceed 8 KB (8192 bytes) or 200 total headers. The underlying host service forwards a maximum of 200 headers and at most 8 KB of header contents to Amazon WAF.
The options for oversize handling are the following:
-
CONTINUE
- Inspect the available headers normally, according to the rule inspection criteria. -
MATCH
- Treat the web request as matching the rule statement. Amazon WAF applies the rule action to the request. -
NO_MATCH
- Treat the web request as not matching the rule statement.
Type: String
Valid Values:
CONTINUE | MATCH | NO_MATCH
Required: Yes
-
See Also
For more information about using this API in one of the language-specific Amazon SDKs, see the following: