AWS elasticloadbalancing documentation change
Summary
Reordered condition type sections and moved HTTP header/method conditions lower in document structure
Security assessment
While no security vulnerability is addressed, the preserved note about 'routing.http.drop_invalid_header_fields' documents a security feature that sanitizes headers. The reordering improves documentation structure but doesn't introduce new security content.
Diff
diff --git a/elasticloadbalancing/latest/application/rule-condition-types.md b/elasticloadbalancing/latest/application/rule-condition-types.md index 6b4b3c004..1df986875 100644 --- a//elasticloadbalancing/latest/application/rule-condition-types.md +++ b//elasticloadbalancing/latest/application/rule-condition-types.md @@ -5 +5 @@ -HTTP header conditionsHTTP request method conditionsHost conditionsPath conditionsQuery string conditionsSource IP address conditions +Host conditionsHTTP header conditionsHTTP request method conditionsPath conditionsQuery string conditionsSource IP address conditions @@ -62,41 +61,0 @@ For demos, see [Advanced request routing](https://exampleloadbalancer.com/advanc -## HTTP header conditions - -You can use HTTP header conditions to configure rules that route requests based on the HTTP headers for the request. You can specify the names of standard or custom HTTP header fields. The header name and the match evaluation are not case-sensitive. The following wildcard characters are supported in the comparison strings: * (matches 0 or more characters) and ? (matches exactly 1 character). Wildcard characters are not supported in the header name. - -When the Application Load Balancer attribute `routing.http.drop_invalid_header_fields` is enabled, it will drop header names that don't conform to the regular expressions (`A-Z,a-z,0-9`). Header names that don't conform to the regular expressions can also be added. - -###### Example HTTP header condition for the AWS CLI - -You can specify conditions when you create or modify a rule. For more information, see the [create-rule](https://docs.aws.amazon.com/cli/latest/reference/elbv2/create-rule.html) and [modify-rule](https://docs.aws.amazon.com/cli/latest/reference/elbv2/modify-rule.html) commands. The following condition is satisfied by requests with a User-Agent header that matches one of the specified strings. - - - [ - { - "Field": "http-header", - "HttpHeaderConfig": { - "HttpHeaderName": "User-Agent", - "Values": ["*Chrome*", "*Safari*"] - } - } - ] - -## HTTP request method conditions - -You can use HTTP request method conditions to configure rules that route requests based on the HTTP request method of the request. You can specify standard or custom HTTP methods. The match evaluation is case-sensitive. Wildcard characters are not supported; therefore, the method name must be an exact match. - -We recommend that you route GET and HEAD requests in the same way, because the response to a HEAD request may be cached. - -###### Example HTTP method condition for the AWS CLI - -You can specify conditions when you create or modify a rule. For more information, see the [create-rule](https://docs.aws.amazon.com/cli/latest/reference/elbv2/create-rule.html) and [modify-rule](https://docs.aws.amazon.com/cli/latest/reference/elbv2/modify-rule.html) commands. The following condition is satisfied by requests that use the specified method. - - - [ - { - "Field": "http-request-method", - "HttpRequestMethodConfig": { - "Values": ["CUSTOM-METHOD"] - } - } - ] - @@ -148,0 +108,41 @@ You can specify conditions when you create or modify a rule. For more informatio +## HTTP header conditions + +You can use HTTP header conditions to configure rules that route requests based on the HTTP headers for the request. You can specify the names of standard or custom HTTP header fields. The header name and the match evaluation are not case-sensitive. The following wildcard characters are supported in the comparison strings: * (matches 0 or more characters) and ? (matches exactly 1 character). Wildcard characters are not supported in the header name. + +When the Application Load Balancer attribute `routing.http.drop_invalid_header_fields` is enabled, it will drop header names that don't conform to the regular expressions (`A-Z,a-z,0-9`). Header names that don't conform to the regular expressions can also be added. + +###### Example HTTP header condition for the AWS CLI + +You can specify conditions when you create or modify a rule. For more information, see the [create-rule](https://docs.aws.amazon.com/cli/latest/reference/elbv2/create-rule.html) and [modify-rule](https://docs.aws.amazon.com/cli/latest/reference/elbv2/modify-rule.html) commands. The following condition is satisfied by requests with a User-Agent header that matches one of the specified strings. + + + [ + { + "Field": "http-header", + "HttpHeaderConfig": { + "HttpHeaderName": "User-Agent", + "Values": ["*Chrome*", "*Safari*"] + } + } + ] + +## HTTP request method conditions + +You can use HTTP request method conditions to configure rules that route requests based on the HTTP request method of the request. You can specify standard or custom HTTP methods. The match evaluation is case-sensitive. Wildcard characters are not supported; therefore, the method name must be an exact match. + +We recommend that you route GET and HEAD requests in the same way, because the response to a HEAD request may be cached. + +###### Example HTTP method condition for the AWS CLI + +You can specify conditions when you create or modify a rule. For more information, see the [create-rule](https://docs.aws.amazon.com/cli/latest/reference/elbv2/create-rule.html) and [modify-rule](https://docs.aws.amazon.com/cli/latest/reference/elbv2/modify-rule.html) commands. The following condition is satisfied by requests that use the specified method. + + + [ + { + "Field": "http-request-method", + "HttpRequestMethodConfig": { + "Values": ["CUSTOM-METHOD"] + } + } + ] +