XssMatchSet
Note
This is Amazon WAF Classic documentation. For more information, see Amazon WAF Classic in the developer guide.
For the latest version of Amazon WAF , use the Amazon WAFV2 API and see the Amazon WAF Developer Guide. With the latest version, Amazon WAF has a single set of endpoints for regional and global use.
A complex type that contains XssMatchTuple
objects, which specify the parts of web requests that you
want Amazon WAF to inspect for cross-site scripting attacks and, if you want Amazon WAF to inspect a header, the name of the header. If a
XssMatchSet
contains more than one XssMatchTuple
object, a request needs to
include cross-site scripting attacks in only one of the specified parts of the request to be considered a match.
Contents
- XssMatchSetId
-
A unique identifier for an
XssMatchSet
. You useXssMatchSetId
to get information about anXssMatchSet
(see GetXssMatchSet), update anXssMatchSet
(see UpdateXssMatchSet), insert anXssMatchSet
into aRule
or delete one from aRule
(see UpdateRule), and delete anXssMatchSet
from Amazon WAF (see DeleteXssMatchSet).XssMatchSetId
is returned by CreateXssMatchSet and by ListXssMatchSets.Type: String
Length Constraints: Minimum length of 1. Maximum length of 128.
Pattern:
.*\S.*
Required: Yes
- XssMatchTuples
-
Specifies the parts of web requests that you want to inspect for cross-site scripting attacks.
Type: Array of XssMatchTuple objects
Required: Yes
- Name
-
The name, if any, of the
XssMatchSet
.Type: String
Length Constraints: Minimum length of 1. Maximum length of 128.
Pattern:
.*\S.*
Required: No
See Also
For more information about using this API in one of the language-specific Amazon SDKs, see the following: