AWS ivs medium security documentation change
Summary
Removed HTTP security headers from error response examples.
Security assessment
Removal of security headers (Content-Security-Policy, Strict-Transport-Security, X-Frame-Options etc.) from documented error responses reduces visibility into security protections. This could impact customers' understanding of security controls during error conditions. Concrete evidence: Multiple security headers explicitly removed from 403/429/400 error examples.
Diff
diff --git a/ivs/latest/LowLatencyAPIReference/API_BatchStartViewerSessionRevocation.md b/ivs/latest/LowLatencyAPIReference/API_BatchStartViewerSessionRevocation.md index 59e183265..b5fcd4750 100644 --- a//ivs/latest/LowLatencyAPIReference/API_BatchStartViewerSessionRevocation.md +++ b//ivs/latest/LowLatencyAPIReference/API_BatchStartViewerSessionRevocation.md @@ -129,15 +128,0 @@ For information about the errors that are common to all actions, see [Common Err -**accessControlAllowOrigin** - - -**accessControlExposeHeaders** - - -**cacheControl** - - -**contentSecurityPolicy** - - -**exceptionMessage** - - @@ -146,12 +130,0 @@ User does not have sufficient access to perform this action. -**strictTransportSecurity** - - -**xAmznErrorType** - - -**xContentTypeOptions** - - -**xFrameOptions** - - @@ -163,15 +135,0 @@ HTTP Status Code: 403 -**accessControlAllowOrigin** - - -**accessControlExposeHeaders** - - -**cacheControl** - - -**contentSecurityPolicy** - - -**exceptionMessage** - - @@ -180,12 +137,0 @@ Your account is pending verification. -**strictTransportSecurity** - - -**xAmznErrorType** - - -**xContentTypeOptions** - - -**xFrameOptions** - - @@ -197,15 +142,0 @@ HTTP Status Code: 403 -**accessControlAllowOrigin** - - -**accessControlExposeHeaders** - - -**cacheControl** - - -**contentSecurityPolicy** - - -**exceptionMessage** - - @@ -214,12 +144,0 @@ Request was denied due to request throttling. -**strictTransportSecurity** - - -**xAmznErrorType** - - -**xContentTypeOptions** - - -**xFrameOptions** - - @@ -231,15 +149,0 @@ HTTP Status Code: 429 -**accessControlAllowOrigin** - - -**accessControlExposeHeaders** - - -**cacheControl** - - -**contentSecurityPolicy** - - -**exceptionMessage** - - @@ -248,12 +151,0 @@ The input fails to satisfy the constraints specified by an AWS service. -**strictTransportSecurity** - - -**xAmznErrorType** - - -**xContentTypeOptions** - - -**xFrameOptions** - -