XssMatchStatement
import type { XssMatchStatement } from "https://aws-api.deno.dev/v0.4/services/wafv2.ts?docs=full";
A rule statement that inspects for cross-site scripting (XSS) attacks. In XSS attacks, the attacker uses vulnerabilities in a benign website as a vehicle to inject malicious client-site scripts into other legitimate web browsers.
§Properties
§
FieldToMatch: FieldToMatch
[src]The part of the web request that you want WAF to inspect.
§
TextTransformations: TextTransformation[]
[src]Text transformations eliminate some of the unusual formatting that attackers use in web requests in an effort to bypass detection.
If you specify one or more transformations in a rule statement, WAF performs all transformations on the content of the request component identified by FieldToMatch
, starting from the lowest priority setting, before inspecting the content for a match.