Container for the parameters to the CreateXssMatchSet operation. Creates an
XssMatchSet, which you use to allow, block, or count requests that contain cross-site scripting attacks in the specified part of web requests. AWS WAF searches for character sequences that are likely to be malicious strings.
To create and configure an XssMatchSet
, perform the following steps:
-
Use GetChangeToken to get the change token that you provide in the ChangeToken
parameter of a CreateXssMatchSet
request.
-
Submit a CreateXssMatchSet
request.
-
Use GetChangeToken
to get the change token that you provide in the ChangeToken
parameter of an UpdateXssMatchSet request.
-
Submit an UpdateXssMatchSet request to specify the parts of web requests in which you want to allow, block, or count cross-site scripting attacks.
For more information about how to use the AWS WAF API to allow or block HTTP requests, see the AWS WAF Developer Guide.