AWS AWSCloudFormation documentation change
Summary
Updated description to specify 'headers determined by your match scope' instead of generic 'headers of the request'
Security assessment
Clarifies WAF inspection behavior based on user-defined match scope but does not address a security flaw or document new security capabilities. Improves accuracy without security implications.
Diff
diff --git a/AWSCloudFormation/latest/UserGuide/aws-properties-wafv2-rulegroup-headers.md b/AWSCloudFormation/latest/UserGuide/aws-properties-wafv2-rulegroup-headers.md index 458b74257..65f5f27f5 100644 --- a//AWSCloudFormation/latest/UserGuide/aws-properties-wafv2-rulegroup-headers.md +++ b//AWSCloudFormation/latest/UserGuide/aws-properties-wafv2-rulegroup-headers.md @@ -73 +73 @@ _Required_ : Yes -What AWS WAF should do if the headers of the request are more numerous or larger than AWS WAF can inspect. AWS WAF does not support inspecting the entire contents of request headers when they exceed 8 KB (8192 bytes) or 200 total headers. The underlying host service forwards a maximum of 200 headers and at most 8 KB of header contents to AWS WAF. +What AWS WAF should do if the headers determined by your match scope are more numerous or larger than AWS WAF can inspect. AWS WAF does not support inspecting the entire contents of request headers when they exceed 8 KB (8192 bytes) or 200 total headers. The underlying host service forwards a maximum of 200 headers and at most 8 KB of header contents to AWS WAF.