AWS waf documentation change
Summary
Updated terminology from 'protection pack or web ACL' to 'protection pack (web ACL)' throughout the document for consistency
Security assessment
Changes are purely terminological clarifications (adding parentheses to associate protection packs with web ACLs) without introducing new security concepts, addressing vulnerabilities, or modifying security guidance. No evidence of security incident remediation or vulnerability disclosure.
Diff
diff --git a/waf/latest/developerguide/customizing-the-incoming-request.md b/waf/latest/developerguide/customizing-the-incoming-request.md index 40c77ee89..9ac6bb4f4 100644 --- a//waf/latest/developerguide/customizing-the-incoming-request.md +++ b//waf/latest/developerguide/customizing-the-incoming-request.md @@ -13 +13 @@ This section explains how to instruct AWS WAF to insert custom headers into the -This option applies to the rule actions Allow, Count, CAPTCHA, and Challenge and to protection pack or web ACL default actions that are set to Allow. For more information about rule actions, see [Using rule actions in AWS WAF](./waf-rule-action.html). For more information about default protection pack or web ACL actions, see [Setting the protection pack or web ACL default action in AWS WAF](./web-acl-default-action.html). +This option applies to the rule actions Allow, Count, CAPTCHA, and Challenge and to protection pack (web ACL) default actions that are set to Allow. For more information about rule actions, see [Using rule actions in AWS WAF](./waf-rule-action.html). For more information about default protection pack (web ACL) actions, see [Setting the protection pack (web ACL) default action in AWS WAF](./web-acl-default-action.html). @@ -25 +25 @@ If the request already has a header with the same name that AWS WAF is inserting -Unlike the Allow action, the Count action doesn't stop AWS WAF from processing the web request using the rest of the rules in the protection pack or web ACL. Similarly, when CAPTCHA and Challenge determine that the request token is valid, these actions don't stop AWS WAF from processing the web request. So, if you insert custom headers using a rule with one of these actions, subsequent rules might also insert custom headers. For more information about rule action behavior, see [Using rule actions in AWS WAF](./waf-rule-action.html). +Unlike the Allow action, the Count action doesn't stop AWS WAF from processing the web request using the rest of the rules in the protection pack (web ACL). Similarly, when CAPTCHA and Challenge determine that the request token is valid, these actions don't stop AWS WAF from processing the web request. So, if you insert custom headers using a rule with one of these actions, subsequent rules might also insert custom headers. For more information about rule action behavior, see [Using rule actions in AWS WAF](./waf-rule-action.html). @@ -42 +42 @@ AWS WAF inserts custom headers into a web request when it finishes inspecting th -You define custom request handling for a rule's action or for a protection pack or web ACL's default action. The following listing shows the JSON for custom handling added to the default action for a protection pack or web ACL. +You define custom request handling for a rule's action or for a protection pack (web ACL)'s default action. The following listing shows the JSON for custom handling added to the default action for a protection pack (web ACL). @@ -63 +63 @@ You define custom request handling for a rule's action or for a protection pack - "Description": "Sample protection pack or web ACL with custom request handling configured for default action.", + "Description": "Sample protection pack (web ACL) with custom request handling configured for default action.",