github.com/aquasecurity/trivy-iac@v0.8.1-0.20240127024015-3d8e412cf0ab/avd_docs/aws/elb/AVD-AWS-0052/docs.md

github.com/aquasecurity/trivy-iac@v0.8.1-0.20240127024015-3d8e412cf0ab/avd_docs/aws/elb/AVD-AWS-0052/docs.md (about)

     1  
     2  Passing unknown or invalid headers through to the target poses a potential risk of compromise. 
     3  
     4  By setting drop_invalid_header_fields to true, anything that doe not conform to well known, defined headers will be removed by the load balancer.
     5  
     6  ### Impact
     7  Invalid headers being passed through to the target of the load balance may exploit vulnerabilities
     8  
     9  <!-- DO NOT CHANGE -->
    10  {{ remediationActions }}
    11  
    12  ### Links
    13  - https://docs.aws.amazon.com/elasticloadbalancing/latest/application/application-load-balancers.html
    14  
    15