Forum Discussion
2 Replies
Sort By
- Joel_CohenEmployee
Hi Kazuto,
The F5 Rules for AWS WAF - Web exploits OWASP Rules has rules for blocking different HTTP Header Injections. Depending on the HTTP request and how AWS parses and handles it for inspection, the rules in place should block injections in HTTP headers. If you find that something is not blocked as expected, please share with us a sample request and we will check into it further