AWS apigateway documentation change
Summary
Clarified that API Gateway only checks parameter existence, not type/format, during basic validation.
Security assessment
Highlights limitations in request validation, which is critical for secure API design but does not address a specific vulnerability.
Diff
diff --git a/apigateway/latest/developerguide/api-gateway-method-request-validation.md b/apigateway/latest/developerguide/api-gateway-method-request-validation.md index a3a208ced..d194af9cb 100644 --- a//apigateway/latest/developerguide/api-gateway-method-request-validation.md +++ b//apigateway/latest/developerguide/api-gateway-method-request-validation.md @@ -28 +28 @@ API Gateway can perform the basic request validation, so that you can focus on a - * The required request parameters in the URI, query string, and headers of an incoming request are included and not blank. + * The required request parameters in the URI, query string, and headers of an incoming request are included and not blank. API Gateway only checks the existence of a parameter and doesn't check the type or format.