AWS ivs documentation change
Summary
Added HTTP security headers (accessControlAllowOrigin, contentSecurityPolicy, strictTransportSecurity, xFrameOptions, etc.) to error response documentation
Security assessment
The change adds documentation for security-related HTTP headers in error responses, similar to the UpdateChannel API. These headers enhance security by preventing clickjacking attacks, enforcing HTTPS, and controlling cross-origin resource sharing. This documents security features rather than fixing a specific vulnerability.
Diff
diff --git a/ivs/latest/LowLatencyAPIReference/API_UpdatePlaybackRestrictionPolicy.md b/ivs/latest/LowLatencyAPIReference/API_UpdatePlaybackRestrictionPolicy.md index 83a5caa2b..6b26c5fa1 100644 --- a//ivs/latest/LowLatencyAPIReference/API_UpdatePlaybackRestrictionPolicy.md +++ b//ivs/latest/LowLatencyAPIReference/API_UpdatePlaybackRestrictionPolicy.md @@ -130,0 +131,12 @@ For information about the errors that are common to all actions, see [Common Err +**accessControlAllowOrigin** + + +**accessControlExposeHeaders** + + +**cacheControl** + + +**contentSecurityPolicy** + + @@ -135,0 +148,12 @@ User does not have sufficient access to perform this action. +**strictTransportSecurity** + + +**xAmznErrorType** + + +**xContentTypeOptions** + + +**xFrameOptions** + + @@ -140,0 +165,12 @@ HTTP Status Code: 403 +**accessControlAllowOrigin** + + +**accessControlExposeHeaders** + + +**cacheControl** + + +**contentSecurityPolicy** + + @@ -145,0 +182,12 @@ Updating or deleting a resource can cause an inconsistent state. +**strictTransportSecurity** + + +**xAmznErrorType** + + +**xContentTypeOptions** + + +**xFrameOptions** + + @@ -150,0 +199,12 @@ HTTP Status Code: 409 +**accessControlAllowOrigin** + + +**accessControlExposeHeaders** + + +**cacheControl** + + +**contentSecurityPolicy** + + @@ -155,0 +216,12 @@ Your account is pending verification. +**strictTransportSecurity** + + +**xAmznErrorType** + + +**xContentTypeOptions** + + +**xFrameOptions** + + @@ -160,0 +233,12 @@ HTTP Status Code: 403 +**accessControlAllowOrigin** + + +**accessControlExposeHeaders** + + +**cacheControl** + + +**contentSecurityPolicy** + + @@ -165,0 +250,12 @@ Request references a resource which does not exist. +**strictTransportSecurity** + + +**xAmznErrorType** + + +**xContentTypeOptions** + + +**xFrameOptions** + + @@ -170,0 +267,12 @@ HTTP Status Code: 404 +**accessControlAllowOrigin** + + +**accessControlExposeHeaders** + + +**cacheControl** + + +**contentSecurityPolicy** + + @@ -175,0 +284,12 @@ The input fails to satisfy the constraints specified by an AWS service. +**strictTransportSecurity** + + +**xAmznErrorType** + + +**xContentTypeOptions** + + +**xFrameOptions** + +