AWS waf documentation change
Summary
Updated script reference and terminology from 'protection pack or web ACL' to 'protection pack (web ACL)' to align with terminology changes
Security assessment
The changes focus on terminology consistency and correcting a script URL format. No new security features or vulnerability mitigations are introduced in these documentation updates.
Diff
diff --git a/waf/latest/developerguide/waf-javascript-api.md b/waf/latest/developerguide/waf-javascript-api.md index ae3ce05ca..4dbff7d63 100644 --- a//waf/latest/developerguide/waf-javascript-api.md +++ b//waf/latest/developerguide/waf-javascript-api.md @@ -24 +24 @@ CAPTCHA puzzles and silent challenges can only run when browsers are accessing H -By using these integrations, you ensure that the remote procedure calls by your client contain a valid token. When these integration APIs are in place on your application's pages, you can implement mitigating rules in your protection pack or web ACL, such as blocking requests that don't contain a valid token. You can also implement rules that enforce the use of the tokens that your client applications obtain, by using the Challenge or CAPTCHA actions in your rules. +By using these integrations, you ensure that the remote procedure calls by your client contain a valid token. When these integration APIs are in place on your application's pages, you can implement mitigating rules in your protection pack (web ACL), such as blocking requests that don't contain a valid token. You can also implement rules that enforce the use of the tokens that your client applications obtain, by using the Challenge or CAPTCHA actions in your rules. @@ -32 +32 @@ The following listing shows basic components of a typical implementation of the - <script type="text/javascript" src="protection pack or web ACL integration URL/challenge.js" defer></script> + <script type="text/javascript" src="protection pack (web ACL) integration URL/challenge.js" defer></script>