AWS AWSCloudFormation documentation change
Summary
Updated description to specify 'headers determined by your match scope' instead of generic 'headers of the request'
Security assessment
Identical to the RuleGroup headers change - improves clarity about WAF inspection limits but does not address security vulnerabilities or add security documentation.
Diff
diff --git a/AWSCloudFormation/latest/UserGuide/aws-properties-wafv2-webacl-headers.md b/AWSCloudFormation/latest/UserGuide/aws-properties-wafv2-webacl-headers.md index a5ebdbd3b..868cf0096 100644 --- a//AWSCloudFormation/latest/UserGuide/aws-properties-wafv2-webacl-headers.md +++ b//AWSCloudFormation/latest/UserGuide/aws-properties-wafv2-webacl-headers.md @@ -73 +73 @@ _Required_ : Yes -What AWS WAF should do if the headers of the request are more numerous or larger than AWS WAF can inspect. AWS WAF does not support inspecting the entire contents of request headers when they exceed 8 KB (8192 bytes) or 200 total headers. The underlying host service forwards a maximum of 200 headers and at most 8 KB of header contents to AWS WAF. +What AWS WAF should do if the headers determined by your match scope are more numerous or larger than AWS WAF can inspect. AWS WAF does not support inspecting the entire contents of request headers when they exceed 8 KB (8192 bytes) or 200 total headers. The underlying host service forwards a maximum of 200 headers and at most 8 KB of header contents to AWS WAF.