The value that you want AWS WAF to search for. AWS WAF searches for the specified string in the part of web
requests that you specified in FieldToMatch
. The maximum length of the value is 50 bytes.
Valid values depend on the values that you specified for FieldToMatch
:
-
HEADER
: The value that you want AWS WAF to search for in the request header that you specified in
FieldToMatch, for example, the value of the User-Agent
or Referer
header.
-
METHOD
: The HTTP method, which indicates the type of operation specified in the request. CloudFront
supports the following methods: DELETE
, GET
, HEAD
, OPTIONS
,
PATCH
, POST
, and PUT
.
-
QUERY_STRING
: The value that you want AWS WAF to search for in the query string, which is the part
of a URL that appears after a ?
character.
-
URI
: The value that you want AWS WAF to search for in the part of a URL that identifies a resource,
for example, /images/daily-ad.jpg
.
-
BODY
: The part of a request that contains any additional data that you want to send to your web
server as the HTTP request body, such as data from a form. The request body immediately follows the request
headers. Note that only the first 8192
bytes of the request body are forwarded to AWS WAF for
inspection. To allow or block requests based on the length of the body, you can create a size constraint set. For
more information, see CreateSizeConstraintSet.
-
SINGLE_QUERY_ARG
: The parameter in the query string that you will inspect, such as UserName
or SalesRegion. The maximum length for SINGLE_QUERY_ARG
is 30 characters.
-
ALL_QUERY_ARGS
: Similar to SINGLE_QUERY_ARG
, but instead of inspecting a single
parameter, AWS WAF inspects all parameters within the query string for the value or regex pattern that you
specify in TargetString
.
If TargetString
includes alphabetic characters A-Z and a-z, note that the value is case sensitive.
If you're using the AWS WAF API
Specify a base64-encoded version of the value. The maximum length of the value before you base64-encode it is 50
bytes.
For example, suppose the value of Type
is HEADER
and the value of Data
is
User-Agent
. If you want to search the User-Agent
header for the value
BadBot
, you base64-encode BadBot
using MIME base64-encoding and include the resulting
value, QmFkQm90
, in the value of TargetString
.
If you're using the AWS CLI or one of the AWS SDKs
The value that you want AWS WAF to search for. The SDK automatically base64 encodes the value.
ByteBuffers are stateful. Calling their
get methods changes their
position. We recommend
using
java.nio.ByteBuffer#asReadOnlyBuffer() to create a read-only view of the buffer with an independent
position, and calling
get methods on this rather than directly on the returned
ByteBuffer.
Doing so will ensure that anyone else using the
ByteBuffer will not be affected by changes to the
position.