AWS waf documentation change
Summary
Updated phrasing from 'protection pack or web ACL' to 'protection pack (web ACL)'
Security assessment
Documentation consistency update. The best practices context remains unchanged, with no new security guidance or vulnerability mitigation.
Diff
diff --git a/waf/latest/developerguide/waf-captcha-and-challenge-best-practices.md b/waf/latest/developerguide/waf-captcha-and-challenge-best-practices.md index 35182b345..86c484f15 100644 --- a//waf/latest/developerguide/waf-captcha-and-challenge-best-practices.md +++ b//waf/latest/developerguide/waf-captcha-and-challenge-best-practices.md @@ -33 +33 @@ For example, if you implement the JavaScript client application CAPTCHA API, and -For this situation, in your protection pack or web ACL, you can add a rule that matches against this first call and configure it with the Challenge or CAPTCHA rule action. When the rule matches for a legitimate end user and browser, the action will find a valid token, and therefore will not block the request or send a challenge or CAPTCHA puzzle in response. For more information about how the rule actions work, see [CAPTCHA and Challenge action behavior](./waf-captcha-and-challenge-actions.html). +For this situation, in your protection pack (web ACL), you can add a rule that matches against this first call and configure it with the Challenge or CAPTCHA rule action. When the rule matches for a legitimate end user and browser, the action will find a valid token, and therefore will not block the request or send a challenge or CAPTCHA puzzle in response. For more information about how the rule actions work, see [CAPTCHA and Challenge action behavior](./waf-captcha-and-challenge-actions.html).