ALB Not Dropping Invalid Headers @ /terraform_examples/positive2.tf

**Checkmarx \(IaC\-Security\):** ALB Not Dropping Invalid Headers
**Checkmarx Project:** [hirendgithub/astlab\-fork](https://ind.ast.checkmarx.net/projects/b68b6210-4d5b-4ae1-a7cb-9355df94f5ba/overview?branch=main)
**Repository URL:** [https://github.com/hirendgithub/astlab\-fork](https://github.com/hirendgithub/astlab-fork)
**Branch:** main
**Scan ID:** [3b325f77\-d5e9\-4a6d\-8654\-67201e0073df](https://ind.ast.checkmarx.net/projects/b68b6210-4d5b-4ae1-a7cb-9355df94f5ba/scans?id=3b325f77-d5e9-4a6d-8654-67201e0073df&branch=main)


----
It's considered a best practice when using Application Load Balancers to drop invalid header fields



**Locations:**

**Result 1:**
**Severity:** MEDIUM
**State:** TO_VERIFY
**Status:** RECURRENT
**&nbsp;&nbsp;&nbsp;&nbsp;File:** [/terraform\_examples/positive2.tf\[49,0\]](https://github.com/hirendgithub/astlab-fork/blob/mainterraform_examples/positive2.tf#L49)
**&nbsp;&nbsp;&nbsp;&nbsp;Expected value:** aws_lb[{{test}}].drop_invalid_header_fields should be set to true
**&nbsp;&nbsp;&nbsp;&nbsp;Actual value:** aws_lb[{{test}}].drop_invalid_header_fields is missing
&nbsp;&nbsp;&nbsp;&nbsp;Review result in Checkmarx One: [ALB Not Dropping Invalid Headers](https://ind.ast.checkmarx.net/results/3b325f77-d5e9-4a6d-8654-67201e0073df/b68b6210-4d5b-4ae1-a7cb-9355df94f5ba/kics?result-id=4DrT3DqHGTVxGBdxbO6I77oQXC4%3D)




Provide feedback

Saved searches

Use saved searches to filter your results more quickly

ALB Not Dropping Invalid Headers @ /terraform_examples/positive2.tf #45

Metadata

Assignees

Labels

Projects

Milestone

Relationships

Development

ALB Not Dropping Invalid Headers @ /terraform_examples/positive2.tf #45

Description

Metadata

Metadata

Assignees

Labels

Projects

Milestone

Relationships

Development

Issue actions