Response
A configuration for a set of security-related HTTP response headers. CloudFront adds these headers to HTTP responses that it sends for requests that match a cache behavior associated with this response headers policy.
Constructors
Properties
The policy directives and their values that CloudFront includes as values for the `Content-Security-Policy` HTTP response header. For more information about the `Content-Security-Policy` HTTP response header, see Content-Security-Policy in the MDN Web Docs.
Determines whether CloudFront includes the `X-Content-Type-Options` HTTP response header with its value set to `nosniff`. For more information about the `X-Content-Type-Options` HTTP response header, see X-Content-Type-Options in the MDN Web Docs.
Determines whether CloudFront includes the `X-Frame-Options` HTTP response header and the header's value. For more information about the `X-Frame-Options` HTTP response header, see X-Frame-Options in the MDN Web Docs.
Determines whether CloudFront includes the `Referrer-Policy` HTTP response header and the header's value. For more information about the `Referrer-Policy` HTTP response header, see Referrer-Policy in the MDN Web Docs.
Determines whether CloudFront includes the `Strict-Transport-Security` HTTP response header and the header's value. For more information about the `Strict-Transport-Security` HTTP response header, see Security headers in the Amazon CloudFront Developer Guide and Strict-Transport-Security in the MDN Web Docs.
Determines whether CloudFront includes the `X-XSS-Protection` HTTP response header and the header's value. For more information about the `X-XSS-Protection` HTTP response header, see X-XSS-Protection in the MDN Web Docs.