/AWS1/CL_FNTRSPHEADERSPLYSEC00¶
A configuration for a set of security-related HTTP response headers. CloudFront adds these headers to HTTP responses that it sends for requests that match a cache behavior associated with this response headers policy.
CONSTRUCTOR¶
IMPORTING¶
Optional arguments:¶
io_xssprotection TYPE REF TO /AWS1/CL_FNTRSPHEADERSPLYXSS00 /AWS1/CL_FNTRSPHEADERSPLYXSS00¶
Determines whether CloudFront includes the
X-XSS-ProtectionHTTP response header and the header's value.For more information about the
X-XSS-ProtectionHTTP response header, see X-XSS-Protection in the MDN Web Docs.
io_frameoptions TYPE REF TO /AWS1/CL_FNTRSPHEADERSPLYFRA00 /AWS1/CL_FNTRSPHEADERSPLYFRA00¶
Determines whether CloudFront includes the
X-Frame-OptionsHTTP response header and the header's value.For more information about the
X-Frame-OptionsHTTP response header, see X-Frame-Options in the MDN Web Docs.
io_referrerpolicy TYPE REF TO /AWS1/CL_FNTRSPHEADERSPLYREF00 /AWS1/CL_FNTRSPHEADERSPLYREF00¶
Determines whether CloudFront includes the
Referrer-PolicyHTTP response header and the header's value.For more information about the
Referrer-PolicyHTTP response header, see Referrer-Policy in the MDN Web Docs.
io_contentsecuritypolicy TYPE REF TO /AWS1/CL_FNTRSPHEADERSPLYCON00 /AWS1/CL_FNTRSPHEADERSPLYCON00¶
The policy directives and their values that CloudFront includes as values for the
Content-Security-PolicyHTTP response header.For more information about the
Content-Security-PolicyHTTP response header, see Content-Security-Policy in the MDN Web Docs.
io_contenttypeoptions TYPE REF TO /AWS1/CL_FNTRSPHEADERSPLYCON01 /AWS1/CL_FNTRSPHEADERSPLYCON01¶
Determines whether CloudFront includes the
X-Content-Type-OptionsHTTP response header with its value set tonosniff.For more information about the
X-Content-Type-OptionsHTTP response header, see X-Content-Type-Options in the MDN Web Docs.
io_stricttransportsecurity TYPE REF TO /AWS1/CL_FNTRSPHEADERSPLYSTR00 /AWS1/CL_FNTRSPHEADERSPLYSTR00¶
Determines whether CloudFront includes the
Strict-Transport-SecurityHTTP response header and the header's value.For more information about the
Strict-Transport-SecurityHTTP response header, see Security headers in the Amazon CloudFront Developer Guide and Strict-Transport-Security in the MDN Web Docs.
Queryable Attributes¶
XSSProtection¶
Determines whether CloudFront includes the
X-XSS-ProtectionHTTP response header and the header's value.For more information about the
X-XSS-ProtectionHTTP response header, see X-XSS-Protection in the MDN Web Docs.
Accessible with the following methods¶
| Method | Description |
|---|---|
GET_XSSPROTECTION() |
Getter for XSSPROTECTION |
FrameOptions¶
Determines whether CloudFront includes the
X-Frame-OptionsHTTP response header and the header's value.For more information about the
X-Frame-OptionsHTTP response header, see X-Frame-Options in the MDN Web Docs.
Accessible with the following methods¶
| Method | Description |
|---|---|
GET_FRAMEOPTIONS() |
Getter for FRAMEOPTIONS |
ReferrerPolicy¶
Determines whether CloudFront includes the
Referrer-PolicyHTTP response header and the header's value.For more information about the
Referrer-PolicyHTTP response header, see Referrer-Policy in the MDN Web Docs.
Accessible with the following methods¶
| Method | Description |
|---|---|
GET_REFERRERPOLICY() |
Getter for REFERRERPOLICY |
ContentSecurityPolicy¶
The policy directives and their values that CloudFront includes as values for the
Content-Security-PolicyHTTP response header.For more information about the
Content-Security-PolicyHTTP response header, see Content-Security-Policy in the MDN Web Docs.
Accessible with the following methods¶
| Method | Description |
|---|---|
GET_CONTENTSECURITYPOLICY() |
Getter for CONTENTSECURITYPOLICY |
ContentTypeOptions¶
Determines whether CloudFront includes the
X-Content-Type-OptionsHTTP response header with its value set tonosniff.For more information about the
X-Content-Type-OptionsHTTP response header, see X-Content-Type-Options in the MDN Web Docs.
Accessible with the following methods¶
| Method | Description |
|---|---|
GET_CONTENTTYPEOPTIONS() |
Getter for CONTENTTYPEOPTIONS |
StrictTransportSecurity¶
Determines whether CloudFront includes the
Strict-Transport-SecurityHTTP response header and the header's value.For more information about the
Strict-Transport-SecurityHTTP response header, see Security headers in the Amazon CloudFront Developer Guide and Strict-Transport-Security in the MDN Web Docs.
Accessible with the following methods¶
| Method | Description |
|---|---|
GET_STRICTTRANSPORTSECURITY() |
Getter for STRICTTRANSPORTSECURITY |