From f57dec7af2a8c6da1ba8105ef9116b85498cf2ad Mon Sep 17 00:00:00 2001 From: Pedro Sousa <680496+pedrosousa@users.noreply.github.com> Date: Wed, 25 Sep 2024 22:00:44 +0100 Subject: [PATCH] [WAF] Leaked credentials: Update fields for custom locations (#17100) --- src/content/docs/waf/detections/leaked-credentials/index.mdx | 2 -- 1 file changed, 2 deletions(-) diff --git a/src/content/docs/waf/detections/leaked-credentials/index.mdx b/src/content/docs/waf/detections/leaked-credentials/index.mdx index f8330909f10d4c..e6fada28d6f09c 100644 --- a/src/content/docs/waf/detections/leaked-credentials/index.mdx +++ b/src/content/docs/waf/detections/leaked-credentials/index.mdx @@ -72,8 +72,6 @@ Expressions used to specify custom detection locations can include the following - Fields: - [`http.request.body.raw`](/ruleset-engine/rules-language/fields/http-request-body/#httprequestbodyraw) - - [`http.request.headers`](/ruleset-engine/rules-language/fields/http-request-header/#httprequestheaders) - - [`http.request.uri.query`](/ruleset-engine/rules-language/fields/standard-fields/#httprequesturiquery) - Functions: - [`lookup_json_string()`](/ruleset-engine/rules-language/functions/#lookup_json_string) - [`lower()`](/ruleset-engine/rules-language/functions/#lower)