AWS ivs documentation change
Summary
Added HTTP response headers documentation (including security headers) for various error responses.
Security assessment
The change adds documentation for security-related HTTP response headers (contentSecurityPolicy, strictTransportSecurity, xContentTypeOptions, xFrameOptions) in error responses. This is documentation enhancement for security headers but doesn't address a specific security vulnerability.
Diff
diff --git a/ivs/latest/LowLatencyAPIReference/API_StartViewerSessionRevocation.md b/ivs/latest/LowLatencyAPIReference/API_StartViewerSessionRevocation.md index 3e0be1434..a688663a3 100644 --- a//ivs/latest/LowLatencyAPIReference/API_StartViewerSessionRevocation.md +++ b//ivs/latest/LowLatencyAPIReference/API_StartViewerSessionRevocation.md @@ -84,0 +85,12 @@ For information about the errors that are common to all actions, see [Common Err +**accessControlAllowOrigin** + + +**accessControlExposeHeaders** + + +**cacheControl** + + +**contentSecurityPolicy** + + @@ -89,0 +102,12 @@ User does not have sufficient access to perform this action. +**strictTransportSecurity** + + +**xAmznErrorType** + + +**xContentTypeOptions** + + +**xFrameOptions** + + @@ -94,0 +119,12 @@ HTTP Status Code: 403 +**accessControlAllowOrigin** + + +**accessControlExposeHeaders** + + +**cacheControl** + + +**contentSecurityPolicy** + + @@ -99,0 +136,12 @@ Unexpected error during processing of request. +**strictTransportSecurity** + + +**xAmznErrorType** + + +**xContentTypeOptions** + + +**xFrameOptions** + + @@ -104,0 +153,12 @@ HTTP Status Code: 500 +**accessControlAllowOrigin** + + +**accessControlExposeHeaders** + + +**cacheControl** + + +**contentSecurityPolicy** + + @@ -109,0 +170,12 @@ Your account is pending verification. +**strictTransportSecurity** + + +**xAmznErrorType** + + +**xContentTypeOptions** + + +**xFrameOptions** + + @@ -114,0 +187,12 @@ HTTP Status Code: 403 +**accessControlAllowOrigin** + + +**accessControlExposeHeaders** + + +**cacheControl** + + +**contentSecurityPolicy** + + @@ -119,0 +204,12 @@ Request references a resource which does not exist. +**strictTransportSecurity** + + +**xAmznErrorType** + + +**xContentTypeOptions** + + +**xFrameOptions** + + @@ -124,0 +221,12 @@ HTTP Status Code: 404 +**accessControlAllowOrigin** + + +**accessControlExposeHeaders** + + +**cacheControl** + + +**contentSecurityPolicy** + + @@ -129,0 +238,12 @@ Request was denied due to request throttling. +**strictTransportSecurity** + + +**xAmznErrorType** + + +**xContentTypeOptions** + + +**xFrameOptions** + + @@ -134,0 +255,12 @@ HTTP Status Code: 429 +**accessControlAllowOrigin** + + +**accessControlExposeHeaders** + + +**cacheControl** + + +**contentSecurityPolicy** + + @@ -139,0 +272,12 @@ The input fails to satisfy the constraints specified by an AWS service. +**strictTransportSecurity** + + +**xAmznErrorType** + + +**xContentTypeOptions** + + +**xFrameOptions** + +