AWS waf documentation change
Summary
Updated terminology from 'protection pack or web ACL' to 'protection pack (web ACL)' in multiple sections related to token validation labels
Security assessment
The changes appear to be terminology standardization rather than addressing security vulnerabilities. No evidence of security fixes or new security features added.
Diff
diff --git a/waf/latest/developerguide/waf-tokens-labeling.md b/waf/latest/developerguide/waf-tokens-labeling.md index 50cdf42f4..96f6c3f22 100644 --- a//waf/latest/developerguide/waf-tokens-labeling.md +++ b//waf/latest/developerguide/waf-tokens-labeling.md @@ -60 +60 @@ Following the prefix, the rest of the label provides detailed token status infor - * A domain specification that's valid for the protection pack or web ACL. + * A domain specification that's valid for the protection pack (web ACL). @@ -70 +70 @@ Along with the rejected label, token management adds a custom label namespace an - * `rejected:expired` – The token's challenge or CAPTCHA timestamp has expired, according to your protection pack or web ACL's configured token immunity times. + * `rejected:expired` – The token's challenge or CAPTCHA timestamp has expired, according to your protection pack (web ACL)'s configured token immunity times. @@ -72 +72 @@ Along with the rejected label, token management adds a custom label namespace an - * `rejected:domain_mismatch` – The token's domain isn't a match for your protection pack or web ACL's token domain configuration. + * `rejected:domain_mismatch` – The token's domain isn't a match for your protection pack (web ACL)'s token domain configuration. @@ -76 +76 @@ Along with the rejected label, token management adds a custom label namespace an -Example: The labels `awswaf:managed:captcha:rejected` and `awswaf:managed:captcha:rejected:expired` together indicate that the request didn't have a valid CAPTCHA solve because the CAPTCHA timestamp in the token has exceeded the CAPTCHA token immunity time that's configured in the protection pack or web ACL. +Example: The labels `awswaf:managed:captcha:rejected` and `awswaf:managed:captcha:rejected:expired` together indicate that the request didn't have a valid CAPTCHA solve because the CAPTCHA timestamp in the token has exceeded the CAPTCHA token immunity time that's configured in the protection pack (web ACL).