/* * Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved. * * Licensed under the Apache License, Version 2.0 (the "License"). * You may not use this file except in compliance with the License. * A copy of the License is located at * * http://aws.amazon.com/apache2.0 * * or in the "license" file accompanying this file. This file is distributed * on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either * express or implied. See the License for the specific language governing * permissions and limitations under the License. */ /* * Do not modify this file. This file is generated from the wafv2-2019-07-29.normal.json service model. */ using System; using System.Collections.Generic; using System.Xml.Serialization; using System.Text; using System.IO; using System.Net; using Amazon.Runtime; using Amazon.Runtime.Internal; namespace Amazon.WAFV2.Model { ///

/// Specifies that WAF should run a Challenge check against the request to /// verify that the request is coming from a legitimate client session: /// ///

/// /// If the request includes a valid, unexpired challenge token, WAF applies any custom /// request handling and labels that you've configured and then allows the web request /// inspection to proceed to the next rule, similar to a CountAction. /// ///
/// /// If the request doesn't include a valid, unexpired challenge token, WAF discontinues /// the web ACL evaluation of the request and blocks it from going to its intended destination. /// /// /// /// WAF then generates a challenge response that it sends back to the client, which includes /// the following: /// ///
- /// /// The header x-amzn-waf-action with a value of challenge. /// /// ///
- /// /// The HTTP status code 202 Request Accepted. /// ///
- /// /// If the request contains an Accept header with a value of text/html, /// the response includes a JavaScript page interstitial with a challenge script. /// ///
/// /// Challenges run silent browser interrogations in the background, and don't generally /// affect the end user experience. /// /// /// /// A challenge enforces token acquisition using an interstitial JavaScript challenge /// that inspects the client session for legitimate behavior. The challenge blocks bots /// or at least increases the cost of operating sophisticated bots. /// /// /// /// After the client session successfully responds to the challenge, it receives a new /// token from WAF, which the challenge script uses to resubmit the original request. /// /// ///

/// /// You can configure the expiration time in the ChallengeConfig ImmunityTimeProperty /// setting at the rule and web ACL level. The rule setting overrides the web ACL setting. /// /// /// /// /// This action option is available for rules. It isn't available for web ACL default /// actions. /// ///

public partial class ChallengeAction { private CustomRequestHandling _customRequestHandling; ///

/// Gets and sets the property CustomRequestHandling. /// /// Defines custom handling for the web request, used when the challenge inspection determines /// that the request's token is valid and unexpired. /// /// /// /// For information about customizing web requests and responses, see Customizing /// web requests and responses in WAF in the WAF Developer Guide. /// ///

public CustomRequestHandling CustomRequestHandling { get { return this._customRequestHandling; } set { this._customRequestHandling = value; } } // Check to see if CustomRequestHandling property is set internal bool IsSetCustomRequestHandling() { return this._customRequestHandling != null; } } }