HeaderOrder - Amazon WAFV2
ContentsSee Also
Services or capabilities described in Amazon Web Services documentation might vary by Region. To see the differences applicable to the China Regions, see Getting Started with Amazon Web Services in China (PDF).

HeaderOrder

Inspect a string containing the list of the request's header names, ordered as they appear in the web request that Amazon WAF receives for inspection. Amazon WAF generates the string and then uses that as the field to match component in its inspection. Amazon WAF separates the header names in the string using colons and no added spaces, for example host:user-agent:accept:authorization:referer.

Contents

OversizeHandling

What Amazon WAF should do if the headers of the request are more numerous or larger than Amazon WAF can inspect. Amazon WAF does not support inspecting the entire contents of request headers when they exceed 8 KB (8192 bytes) or 200 total headers. The underlying host service forwards a maximum of 200 headers and at most 8 KB of header contents to Amazon WAF.

The options for oversize handling are the following:

  • CONTINUE - Inspect the available headers normally, according to the rule inspection criteria.

  • MATCH - Treat the web request as matching the rule statement. Amazon WAF applies the rule action to the request.

  • NO_MATCH - Treat the web request as not matching the rule statement.

Type: String

Valid Values: CONTINUE | MATCH | NO_MATCH

Required: Yes

See Also

For more information about using this API in one of the language-specific Amazon SDKs, see the following: