[**CameraKit Web SDK v1.15.0**](../README.md)

***

[CameraKit Web SDK](../globals.md) / ValidationStrategy

# Type Alias: ValidationStrategy

> **ValidationStrategy**: `"deny"` \| `"strict"` \| `"route"` \| `"host"` \| `"unrestricted"`

Defines how Camera Kit handles lens HTTP requests against Remote API specs in the My Lenses portal.

- `"deny"`: Rejects all lens HTTP requests.
- `"strict"`: Full validation: host + path + method + path parameters + query parameters + headers. Default.
- `"route"`: Validates host + path + method + path parameters (skips query parameters and headers).
- `"host"`: Validates host only.
- `"unrestricted"`: No validation.

## Remarks

Use `"unrestricted"` only if you fully trust your lens developers. Lenses will be able to make
HTTP requests to any endpoint without validation against the allowlist.